Loading...
 
Features / Usability

Features / Usability


HTML in a Wiki Page.

posts: 25 United States

Hi All,

I was just searching through the forums as well as googling for a solution to the following:

When pasting a 'huge chunk' of formatted (ie. nice to read) html into a wiki page, the line breaks used for the html formatting are being converted as extra line breaks in the tiki document. So when you preview it where there was only one space you would see two....

My work around until now was to save the nice html and then using my handy dandy UltraEdit; do a search and replace for all CRs and convert them to nothing. This then mangles the HTML into a very difficult to read mash but the wiki will then render it fine.

What I was thinking was why not add a specific tag to be used to signal for embedded html in a wiki document. That way the special rules regarding ignoring HTML user friendly formating can be implemented without borking the normal treatment of CR in a normal wiki doc?

Something like {} {{{/HTML}}} could preface an html coded section.... I found an article on how smarty is being used to templates and I'll read that to see if I can get any clues.

I'm curious to hear what some of the devs have to say on this... question

Regards,

MichaelE
http://g33kv2.efamilynj.org

posts: 2881 United Kingdom

In a wiki environment allowing HTML is a very dangerous option. You should convert all the HTML code to wiki syntax or write some wiki-plugins to generate your HTML forms.

Why is this dangerous?

Well I could post a img src based JS attack on your site. to give me the contents of the tiki login cookie, and then use that data to gain control of the TikiWiki site.

You should always disable HTML on the wiki, and convert anything HTML to use wiki-syntax and wiki-plugins.

Damian
Damosoft - TikiWiki Development Services

posts: 1092
If you limit html use to some editors with tiki_p_use_HTML, I think this feature can be used in this condition

posts: 1092
Btw: Which tiki release? Do you have an example? I don't see the same behaviour on my test ... strange

posts: 25 United States

Thanks for the responses!

My replies:

Version:

at work=Polaris 1.8.4
at home=cvs stable

Security:

I agree with the sentiment of the need to have a limited HTML feature set for 'in the wild' deployments. But in the case of the Wiki inside of the corpLAN, the audience and access is restricted to those with LAN access.

This is always the duel between functionality and security. While I agree on the need to have a stricter context for the outside, I feel that there needs to be a corrolary that will allow for an expanded HTML feature set when needed (such as in my case). I am certain that this is not only true for me but for other Corp types who face similar deployments.

The only alternative I have now is to write some text parsing word macros that will convert word formatting to wiki syntax and then dump a file to be cut and paste into the wiki. I've started some of this coding in VBA but its slow going as I have a myriad of other things on the go as well... cry

posts: 25 United States

Fan-diddly-antastic!!! mrgreen

I'll have to post that link on my blog. I must get twenty google hits for that every day since I posted about it. I'll point them back to that same page...

it'll be interesting to dive into his code to see how he did it...

Thanks for the tip Damian! wink


Upcoming Events

1)  18 Apr 2024 14:00 GMT-0000
Tiki Roundtable Meeting
2)  16 May 2024 14:00 GMT-0000
Tiki Roundtable Meeting
3)  20 Jun 2024 14:00 GMT-0000
Tiki Roundtable Meeting
4)  18 Jul 2024 14:00 GMT-0000
Tiki Roundtable Meeting
5)  15 Aug 2024 14:00 GMT-0000
Tiki Roundtable Meeting
6)  19 Sep 2024 14:00 GMT-0000
Tiki Roundtable Meeting
7) 
Tiki birthday
8)  17 Oct 2024 14:00 GMT-0000
Tiki Roundtable Meeting
9)  21 Nov 2024 14:00 GMT-0000
Tiki Roundtable Meeting
10)  19 Dec 2024 14:00 GMT-0000
Tiki Roundtable Meeting