Hello all,
As we know, one of the most commonly requested features is per-page
protection / ACLs.
That's obviously problematic[1] because MW was never designed for this.
However, what if the respective wiki page's contents were en- and
decrypted (e.g. with JavaScript[2])?
As far as I can tell, that would circumvent the most common problems
(like transclusion workarounds).
(I just had this idea when looking at the TiddlerEncryptionPlugin[3] for
TiddlyWiki[4] - so it might not be well thought through!?)
Any comments?
-- F.
[1] cf.
http://www.mediawiki.org/wiki/Security_issues_with_authorization_extensions
[2] Relying on client-side functionality would be somewhat problematic,
obviously - but not really a huge issue, especially if it only affects a
few sensitive pages. Plus in corporate intranets, where per-page
restrictions are probably needed most, there should be a pretty
homogeneous environment, which makes it easy to ensure that JavaScript
is available.
[3]
http://tinyurl.com/23g65m
(
http://remotely-helpful.com/TiddlyWiki/TiddlerEncryptionPlugin.html#Tiddler…)
[4]
http://www.tiddlywiki.com