Kasimir Gabert wrote:
Hello Charles,
For (1) I would not allow uploads of HTML through MediaWiki -- this is much too big of a security hole. I would build a custom script that uploads files but scans through for any illegal HTML tags (do it by whitelist, not by blacklist) -- the script can also integrate the uploaded files into MediaWiki *after* it has passed the security inspection.
Okay, thanks, but this is under pretty tight control. Let's say I *really* *really* wanted to do this, even with security concerns in mind. Let's say, further, that I've already taken HTML types out of $wgFileBlacklist, text/html and similar types out of $wgMimeTypeBlacklist, and set $wgCheckFileExtensions, $wgStrictFileExtensions, and $wgVeryfyMimeType all to false ... and I still get an error and it refuses to upload my html files.
What am I missing?
For (2) It seems to me that you do not have "diff3" installed on your machine. Type in "which diff3" and see whether or not you have it installed. You might need to change it to a different diff engine, or install the proper one.
I appear to have a proper diff3, but what I'm getting as a result is a file called "index.php" with these contents (inserted as a quote to make it stand out):
[Process] Type=Diff text Engine=MediaWiki Script=http://vortex.stortek.com/wiki/index.php Special namespace=Special
[File] Extension=wiki URL=http://vortex.stortek.com/wiki/index.php?title=Main_Page&action=raw&...
[File 2] Extension=wiki URL=http://vortex.stortek.com/wiki/index.php?title=Main_Page&action=raw&...
Does this give anyone any clues?
Thanks,
Charlie