Preview button for doctor

Webtools Graveyard
16 years ago
2 years ago

(Reporter: Jesse Ruderman, Assigned: myk)

16 years ago
Doctor needs a preview button.  It would be nice if it would wrap html pages in's template, but that's not necessary.  It should add a reasonable
<base href> to make it easy to check links.

Since preview will echo scripts back to the user, security precautions are
necessary.  Otherwise, another site could submit a page to "preview" with a
script that tries to read the user's stored CVS password.  (Compare bug 38862
for Bugzilla).

Possible security tricks:

1. Check the referer for a submit to preview.cgi and make sure it's doctor.cgi.  
This would lock out users who have disabled all referers (rather than only
cross-site referers), would not work for Beonex users who chose to use fake
referers (evil!), and I think it would break the HTTP spec.

2. Strip out script tags and event handlers.  
Not a good idea: this is hard to implement, even harder to get right with the
huge number of event handlers, and not forward-compatible with new versions of
IE with new event handlers.

3. Use a different hostname for preview.  Require that preview be done with rather than, and require that all
other scripts be done with  Make Doctor verify that the main
hostname ( and the preview hostname
( are neither identical and that neither is a
substring of the other.  
This would require additional work for anyone who wants to set up Doctor.

I think #3 is best.
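Option 3 relies on two configuration checks: at set-up time the main hostname and the preview hostname must be neither identical nor a substring of one another, and at request time preview.cgi must only render when it is actually being served from the preview hostname. The following is an added example written for this page, not Doctor's own code; `MAIN_HOST`, `PREVIEW_HOST`, the function names and the sample values are all assumptions, and the case-folding and trailing-dot handling are an assumed normalisation rather than anything the bug specifies.

```python
from typing import Optional

# Hypothetical configuration values for a Doctor installation (constructed
# sample values, not real hosts from the bug).
MAIN_HOST = "doctor.example.org"
PREVIEW_HOST = "preview.example.net"


def normalize_host(host: str) -> str:
    """Compare hostnames case-insensitively and ignore a trailing dot and any
    port, so 'Preview.Example.NET.:8080' equals 'preview.example.net'.
    (Assumed normalisation, not part of the bug's wording.)"""
    host = host.strip().lower()
    if host.startswith("["):            # IPv6 literal, e.g. [::1]:80
        host = host.split("]", 1)[0] + "]"
    elif ":" in host:
        host = host.split(":", 1)[0]
    return host.rstrip(".")


def separation_problem(main_host: str, preview_host: str) -> Optional[str]:
    """Return a human-readable reason why the two hostnames do not give the
    preview page a separate origin, or None if the configuration is fine.
    This implements the check the bug asks Doctor to perform in option 3:
    the hosts must differ and neither may be a substring of the other."""
    main = normalize_host(main_host)
    preview = normalize_host(preview_host)
    if not main or not preview:
        return "both the main hostname and the preview hostname must be set"
    if main == preview:
        return "main and preview hostnames are identical"
    if main in preview:
        return f"main hostname {main!r} is a substring of preview hostname {preview!r}"
    if preview in main:
        return f"preview hostname {preview!r} is a substring of main hostname {main!r}"
    return None


def hostnames_are_separate(main_host: str, preview_host: str) -> bool:
    """Convenience wrapper: True when separation_problem() finds nothing."""
    return separation_problem(main_host, preview_host) is None


def preview_request_allowed(host_header: str, preview_host: str = PREVIEW_HOST) -> bool:
    """Request-time check for preview.cgi: only render user-supplied HTML when
    the request arrived on the dedicated preview hostname. A request for the
    same script on the main hostname is refused, so echoed scripts never run
    in the main site's origin."""
    return normalize_host(host_header) == normalize_host(preview_host)


def check_preview_config(main_host: str = MAIN_HOST,
                         preview_host: str = PREVIEW_HOST) -> None:
    """Set-up-time check: raise if the configured hostnames are not separate."""
    problem = separation_problem(main_host, preview_host)
    if problem is not None:
        raise ValueError("unsafe preview configuration: " + problem)


if __name__ == "__main__":
    check_preview_config()
    print("preview hostname is separate from the main hostname")
    for hdr in ("preview.example.net", "PREVIEW.example.net:443", "doctor.example.org"):
        print(f"{hdr:30} -> {'render' if preview_request_allowed(hdr) else 'refuse'}")
```

The substring rule is deliberately stricter than a plain equality test: a preview host such as `preview.doctor.example.org` would be rejected even though it is a different origin, because it is the kind of configuration the bug's third option says Doctor should refuse.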

*** Bug 253352 has been marked as a duplicate of this bug. ***
QA Contact: asa → doctor

Comment 2

12 years ago
Do we have security risks with wiki when visualizing a page? Else we could do something similar.
OS: Windows 2000 → All
Hardware: PC → All

Comment 3

11 years ago
Doctor has had "view edited" button for quite some time now.

Comment 4

11 years ago
(In reply to comment #3)
> Doctor has had "view edited" button for quite some time now.

Last Resolved: 11 years ago
Resolution: --- → FIXED
Product: Webtools → Webtools Graveyard