We haven't tried Swiki with later versions of the Squeak VM, but it might work as-is. To integrate the Swiki or AniAni code with later versions of the Squeak code would probably take more effort.
The security bug we dealt with was a cross-site scripting problem. If a Swiki isn't found, the basename was returned without quoting. If it was JavaScript, the JavaScript would then be executed, as if coming from the Swiki server. I made a one word change to one script to quote the return value. I think the code is somewhere in the PWS list archives. Cheers, Mark ________________________________________ From: pws-boun...@cc.gatech.edu [pws-boun...@cc.gatech.edu] on behalf of Paul Wittenbraker [witte...@gvsu.edu] Sent: Saturday, August 13, 2011 2:00 PM To: pws@cc.gatech.edu Subject: [Pws] upgrading squeak/swiki I've been using a swiki now for nearly 10 years. It is a great system for quick intro to hypertext context for teaching my college art courses. I've tried other systems, but none offer the design flexibility (html functions) and the ease of use. I am currently running Squeak 3.6.1Beta5, which seems to be the latest version I could find packaged for wiki use. Http://wiki.squeak.org/swiki/16. I also found download for Squeak VM version 4.2, but not with the swiki package. I basically would like to upgrade to prevent occasional errors I get and to possibly implement the aniani function. While I'm at it I want to use the latest versions. Are there other newer packages out there? Can I reconfigure the parts (image, swiki files) with the 4.2 version of Squeak VM? Is there something problematic about using Aniani? I recall possible security issues. Paul Wittenbraker Grand Valley State University _______________________________________________ Pws mailing list Pws@cc.gatech.edu https://mailman.cc.gatech.edu/mailman/listinfo/pws _______________________________________________ Pws mailing list Pws@cc.gatech.edu https://mailman.cc.gatech.edu/mailman/listinfo/pws
