Difference between revisions of "User talk:WikiSysop"

From IridiaWiki
Jump to navigationJump to search
(add simple security extension)
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
TODO:
 
TODO:
  +
  +
* Trying to access a blocked page without login produces the warning:
  +
  +
<nowiki>Warning: call_user_func_array() [<a href='function.call-user-func-array'>function.call-user-func-array</a>]: First argument is expected to be a valid callback, 'OutputPage::setTitle' was given in <b>/usr/share/mediawiki/includes/StubObject.php</b> on line <b>32</b></nowiki>
   
 
* [http://www.mediawiki.org/wiki/Manual:Security Security]. How much is implemented?
 
* [http://www.mediawiki.org/wiki/Manual:Security Security]. How much is implemented?
   
  +
* Currently image authorization blocks all images. This is excessive. We do not want to block images such as http://iridia.ulb.ac.be/wiki/Image:Icon_warning.png . It would be nice to have a way to whitelist images. See: http://www.mediawiki.org/wiki/Manual:Image_Authorization and http://www.mediawiki.org/wiki/Manual:$wgWhitelistRead
* [http://www.mediawiki.org/wiki/Manual:Image_Authorization Image Authorization]. TODO
 
  +
  +
UNDER TEST:
  +
 
* [http://www.mediawiki.org/wiki/Manual:Image_Authorization Image Authorization].
   
 
DONE:
 
DONE:
  +
  +
* 2010.09.23 - Commented in <code>img_auth.php</code> the lines of code which checked whether a user was logged in or not.
  +
This prevented an anonymous user to see and download an image embedded in a publicly accessible page, such as the images in the [[Logos]] page.
  +
The user who wants to limit access to a file, has now to explicitly change
  +
permission settings in the '''protect''' tab.
  +
  +
* [http://www.mediawiki.org/wiki/Localsettings#Logo Logo moved into a proper directory].
   
 
* [http://www.mediawiki.org/wiki/Manual:Short_URL Short URLS].
 
* [http://www.mediawiki.org/wiki/Manual:Short_URL Short URLS].

Latest revision as of 17:01, 25 July 2012

TODO:

  • Trying to access a blocked page without login produces the warning:

Warning: call_user_func_array() [<a href='function.call-user-func-array'>function.call-user-func-array</a>]: First argument is expected to be a valid callback, 'OutputPage::setTitle' was given in <b>/usr/share/mediawiki/includes/StubObject.php</b> on line <b>32</b>

UNDER TEST:

DONE:

  • 2010.09.23 - Commented in img_auth.php the lines of code which checked whether a user was logged in or not.

This prevented an anonymous user to see and download an image embedded in a publicly accessible page, such as the images in the Logos page. The user who wants to limit access to a file, has now to explicitly change permission settings in the protect tab.