Difference between revisions of "User talk:WikiSysop"
From IridiaWiki
Jump to navigationJump to search (add simple security extension) |
|||
(3 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
TODO: |
TODO: |
||
+ | |||
+ | * Trying to access a blocked page without login produces the warning: |
||
+ | |||
+ | <nowiki>Warning: call_user_func_array() [<a href='function.call-user-func-array'>function.call-user-func-array</a>]: First argument is expected to be a valid callback, 'OutputPage::setTitle' was given in <b>/usr/share/mediawiki/includes/StubObject.php</b> on line <b>32</b></nowiki> |
||
* [http://www.mediawiki.org/wiki/Manual:Security Security]. How much is implemented? |
* [http://www.mediawiki.org/wiki/Manual:Security Security]. How much is implemented? |
||
+ | * Currently image authorization blocks all images. This is excessive. We do not want to block images such as http://iridia.ulb.ac.be/wiki/Image:Icon_warning.png . It would be nice to have a way to whitelist images. See: http://www.mediawiki.org/wiki/Manual:Image_Authorization and http://www.mediawiki.org/wiki/Manual:$wgWhitelistRead |
||
⚫ | |||
+ | |||
+ | UNDER TEST: |
||
+ | |||
⚫ | |||
DONE: |
DONE: |
||
+ | |||
+ | * 2010.09.23 - Commented in <code>img_auth.php</code> the lines of code which checked whether a user was logged in or not. |
||
+ | This prevented an anonymous user to see and download an image embedded in a publicly accessible page, such as the images in the [[Logos]] page. |
||
+ | The user who wants to limit access to a file, has now to explicitly change |
||
+ | permission settings in the '''protect''' tab. |
||
+ | |||
+ | * [http://www.mediawiki.org/wiki/Localsettings#Logo Logo moved into a proper directory]. |
||
* [http://www.mediawiki.org/wiki/Manual:Short_URL Short URLS]. |
* [http://www.mediawiki.org/wiki/Manual:Short_URL Short URLS]. |
Latest revision as of 17:01, 25 July 2012
TODO:
- Trying to access a blocked page without login produces the warning:
Warning: call_user_func_array() [<a href='function.call-user-func-array'>function.call-user-func-array</a>]: First argument is expected to be a valid callback, 'OutputPage::setTitle' was given in <b>/usr/share/mediawiki/includes/StubObject.php</b> on line <b>32</b>
- Security. How much is implemented?
- Currently image authorization blocks all images. This is excessive. We do not want to block images such as http://iridia.ulb.ac.be/wiki/Image:Icon_warning.png . It would be nice to have a way to whitelist images. See: http://www.mediawiki.org/wiki/Manual:Image_Authorization and http://www.mediawiki.org/wiki/Manual:$wgWhitelistRead
UNDER TEST:
DONE:
- 2010.09.23 - Commented in
img_auth.php
the lines of code which checked whether a user was logged in or not.
This prevented an anonymous user to see and download an image embedded in a publicly accessible page, such as the images in the Logos page. The user who wants to limit access to a file, has now to explicitly change permission settings in the protect tab.