[pmwiki-devel] Security issues: Disabling action=source & action=diff?

christian.ridderstrom at gmail.com christian.ridderstrom at gmail.com
Tue Dec 5 17:32:47 CST 2006

On Tue, 5 Dec 2006, Crisses wrote:

> Anyone against this?  For it?  Want to help?  Want to do it instead? :)

I don't think action=source should be blocked by default.

Here are two "proper" uses for action=source:
* Editing pages with an external editor (would then require edit acces)
* "Including" wiki pages between wikis


Christian Ridderström, +46-8-768 39 44               http://www.md.kth.se/~chr

More information about the pmwiki-devel mailing list