Hi Alex - Great! I see the drawback with losing the name. For now I've just added some text to instruct "please rename to a zip". With such cryptic file names it adds to the security by obscurity (hah!). Reminds me of the old trick in email to have file "foo.zip.rename" to suggest people to rename.
Kidding aside, I think it's helpful to allow uploads and I'm not worried about the security of it. Maybe if I were to pick a single mimetype, I'd go with zip or tar.gz as that's the main reason someone would upload if it's too much to paste in as a code example or to include a complete working example with some supporting files (images, example DB, etc). On Tue, Jan 31, 2012 at 5:01 AM, Alexander Burger <a...@software-lab.de> wrote: > Hi Joe, > >> > I uploaded the code but couldn't figure out how to link to it on the page. >> >> I'm afraid this is not possible. The wiki supports only <img> and > > Now I've added support for arbitrary files to the Wiki. > > >> We could extend it for arbitrary mimetypes, but then I'm not sure which >> tag to generate. A simple <a> might be dangerous in case someone uploads >> a malign file, right? Any idea? > > Thinking about it, I think it is all right. The file can only be > downloaded after all. > > What I did is extend the <{name} markup, so that if the file's mimetype > is neither image nor video, it is simply put into a <href>. The file > will be presented for download then. A small drawback is that the file's > name is lost in the process, because it is stored in a DB blob, and some > cryptic name is given to the downloaded file. I'll think more about > that. > > > I see that you already solved the problem in your wiki article > "http://picolisp.com/5000/!wiki?ErsatzWebApp" by providing an external > link. > > For a test, though, I added an entry with the new mechanism. Please > modify it if you like. > > Cheers, > - Alex > -- > UNSUBSCRIBE: mailto:picolisp@software-lab.de?subject=Unsubscribe -- UNSUBSCRIBE: mailto:picolisp@software-lab.de?subject=Unsubscribe