Closed
Bug 291174
Opened 20 years ago
Closed 19 years ago
Devmo Wiki file upload filetypes restrictions need to be expanded
Categories
(developer.mozilla.org Graveyard :: General, defect, P1)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: deb, Assigned: alex)
Details
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.7) Gecko/20050414 Firefox/1.0.3 StumbleUpon/1.9994 Build Identifier: If nothing else, I'd like to be able to let users upload archive formats to the wiki -- .zip, .tar, etc. Upload page I'm talking about is here: http://developer-test.mozilla.org/docs/Special:Upload Reproducible: Always
|
Reporter | |
Updated•20 years ago
|
Assignee: deb → justdave
|
|
Reporter | |
Comment 1•20 years ago
|
||
If there are no security issues, being able to upload .js, .html, and other sample-code files would be ideal. We're having issues in migrating some of the DevEdge content because it includes functioning samples. If we can't upload them so they work via the wiki, we'll have to arrange another method.
|
||
Comment 2•20 years ago
|
||
js might be possible. HTML is a definite no unless we get someone to do some major hacking on the file handling code. MediaWiki does consider it a security issue, and they went to great pains to make sure HTML couldn't be uploaded. I tried to enable it for one of the internal wikis and never succeeded. If we do manage to make it work, I'd suggest requiring sysop privs to upload it and locking the resulting pages.
|
|
Reporter | |
Comment 3•20 years ago
|
||
If it requires lockdown, then I think I'd rather leave regular upload enabled on the wiki and create a secondary web location where other files can be hosted. Either option is going to create a bottleneck since they both require admin-intervention, but having a secondary web location for questionable files (.html, etc) is going to require less attention than requiring admin-intervention for all of the uploads through the wiki (unless that can be configured on a type-by-type basis?)
|
|
Reporter | |
Comment 4•20 years ago
|
||
I've created a (temporary?) dir on chameleon at /data/devmo-dev/samples/ where we can host things until a better (?) solution is found (if necessary). Let me know if there's a problem with that dir at all. I figure I'll just grab and manually upload whatever needs to be stored outside of the wiki there for now.
|
|
||
Updated•20 years ago
|
Severity: normal → major
Status: UNCONFIRMED → NEW
Ever confirmed: true
Priority: -- → P1
|
||
Comment 5•19 years ago
|
||
Changing QA contact to the default QA so interested parties can watch bugs filed before the default QA was changed. Only bugs in an unfixed state have been changed; fixed bugs are unlikely to be reopened, and more bugspam is always a bad thing. Sorry for the bugspam - filter it into your Junk folder by searching for 'WhyDoesMediaWikiHaveToBeEvilAndNotAcceptArbitraryCharactersInTitlesAndLinks'.
QA Contact: deb → qa
|
|
||
Updated•19 years ago
|
Assignee: justdave → polvi
|
Assignee | |
Comment 6•19 years ago
|
||
We are going to figure out a long term security plan.
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → WONTFIX
|
||
Updated•19 years ago
|
Component: developer.mozilla.org → Infrastructure
Product: mozilla.org → Mozilla Developer Center
QA Contact: qa → infrastructure
Version: other → unspecified
|
||
Updated•12 years ago
|
Component: Deki Infrastructure → Other
|
||
Updated•4 years ago
|
Product: developer.mozilla.org → developer.mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•