It would be nice if there were an alternate to protecting a page ("lock" a page?) used for pages that will never be public-edited, that could be set to allow raw HTML. And then add some way to deal with the templates issue...
At 07:25 PM 1/26/05, Brion Vibber wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
=James Birkholz= wrote: | It might be nice to be able to allow raw HTML on protected pages....
This idea has been kicked around before. Here are just a couple of the potential pitfalls which have prevented it so far:
- Page protection is used for other purposes, and does not necessarily
mean that the current content is trusted or approved. If an admin protects a page to stop fighting or vandalism and doesn't notice the trap left on it by a malicious user, *BOOM* (A related example is the protected log pages in 1.3.x, where text submitted by non-admin users will be rendered as wiki text in a protected page context.) * Protected pages may use non-protected templates. If the non-protected template gets an bit added to it, *BOOM* - -- brion vibber (brion @ pobox.com) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (Darwin) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFB+F9DwRnhpk1wk44RAiJVAKCRSjbfumxtJogqGJVfaaaaPocHmQCg1Mbn e2gVkPTpQpNdkk4nU8puCwc= =43T1 -----END PGP SIGNATURE----- _______________________________________________ MediaWiki-l mailing list MediaWiki-l@Wikimedia.org http://mail.wikipedia.org/mailman/listinfo/mediawiki-l
James Birkholz admin, Posen-L mailing list and website http://www.Posen-L.com