[pmwiki-users] &action=source
Petko Yotov
5ko at 5ko.fr
Sun Jun 28 16:22:41 CDT 2015
Add to config.php:
$HandleAuth['source'] = 'edit';
This way, only people with 'edit' permissions will be able to see the
source (the edit password will be requested, or a username/password will
be required).
Petko
On 2015-06-28 22:53, JamesM wrote:
> I've been using pmwiki for a few years, and have only just discovered
> the
> &action=source thing.
> Unfortunately, this shows the entire source, including things written
> after
> (:if false:), which I use for hiding information (it's on a lecture
> course
> website, and I have some stuff hidden from student view).
>
> So, how can I disable &action=source?
> Or better, password protect it.
>
> I tried putting
> $DefaultPasswords['source']=' .... ';
> into config.php. This works for ['admin'] and ['edit'] but seems to
> make
> no difference for ['source'].
More information about the pmwiki-users
mailing list