Hi Alex - Great! I see the drawback with losing the name. For now I've
just added some text to instruct "please rename to a zip". With such
cryptic file names it adds to the security by obscurity (hah!).
Reminds me of the old trick in email to have file "foo.zip.rename" to
suggest people to rename.
Kidding aside, I think it's helpful to allow uploads and I'm not
worried about the security of it. Maybe if I were to pick a single
mimetype, I'd go with zip or tar.gz as that's the main reason someone
would upload if it's too much to paste in as a code example or to
include a complete working example with some supporting files (images,
example DB, etc).
On Tue, Jan 31, 2012 at 5:01 AM, Alexander Burger <a...@software-lab.de> wrote:
> Hi Joe,
>
>> > I uploaded the code but couldn't figure out how to link to it on the page.
>>
>> I'm afraid this is not possible. The wiki supports only <img> and
>
> Now I've added support for arbitrary files to the Wiki.
>
>
>> We could extend it for arbitrary mimetypes, but then I'm not sure which
>> tag to generate. A simple <a> might be dangerous in case someone uploads
>> a malign file, right? Any idea?
>
> Thinking about it, I think it is all right. The file can only be
> downloaded after all.
>
> What I did is extend the <{name} markup, so that if the file's mimetype
> is neither image nor video, it is simply put into a <href>. The file
> will be presented for download then. A small drawback is that the file's
> name is lost in the process, because it is stored in a DB blob, and some
> cryptic name is given to the downloaded file. I'll think more about
> that.
>
>
> I see that you already solved the problem in your wiki article
> "http://picolisp.com/5000/!wiki?ErsatzWebApp"; by providing an external
> link.
>
> For a test, though, I added an entry with the new mechanism. Please
> modify it if you like.
>
> Cheers,
> - Alex
> --
> UNSUBSCRIBE: mailto:picolisp@software-lab.de?subject=Unsubscribe
--
UNSUBSCRIBE: mailto:picolisp@software-lab.de?subject=Unsubscribe
