On 16 Nov 2015 at 13:50:52, Clemens Klein-Robbenhaar (c.robbenh...@espresto.com(mailto:c.robbenh...@espresto.com)) wrote:
> From: Vincent: At 16.11.2015, 13:23 > [...] > > > > > > > > > Personally I prefer a third option: > > > - disallow '/' and '\' in page names completely when creating / renaming > > > pages > > > - in the UI, if the user enters these characters to add (or rename), > > > scrap them from the page name, or replace then by '-' (they will still > > > show up in the title) > > > and create a new page with the name without the slashes > > > - make this configureable, like 'xwiki.pagename.forbiddenchars=/\\' > > > and then people who are able to set up their servlet container to allow > > > slashes can empty that config variable. > > This covers only a portion of all the use cases, unless you also want to > > disable “.”, “:”, “@“, “^” characters in page names because if you don’t > > then they’ll be escaped in serialized references which can surface in the > > URL (as shown by http://jira.xwiki.org/browse/XWIKI-11528 and by the URL > > format I’m proposing for Zip URLs. The reference URL scheme is also > > affected obviously, see > > http://design.xwiki.org/xwiki/bin/view/Design/AlternateURLScheme). > > I didn't mean to say that with my proposal no URL Encoding or other escaping > need to happen at all, or no escaping in entity references. > Of course something like that will need to happen, unless one has a pretty > long list of "forbidden" stuff, which will not be user-friendly. What I meant is that your proposal won’t help unless you also forbid those characters! :) On a personal note, I wouldn’t like to forbid characters in space or page names. We’ve worked hard to not have to do this. > The only part I tried to address is the problem that by default tomcat and > apache's httpd do not allow slashes - encoded or not - in the URL. > I am not sure why the other chars come in here now. If they get properly > escaped / unescaped they should not cause problems. I think you missed the fact that these extra characters that I mentioned need to be escaped when present in serialized references and the escape character in references is “\” :) Thanks -Vincent > Clemens _______________________________________________ devs mailing list devs@xwiki.org http://lists.xwiki.org/mailman/listinfo/devs
