On Jan 13, 2010, at 10:01 AM, Jeremy Cowgar wrote: > "D. Richard Hipp" <d...@hwaci.com> wrote: >> On Jan 13, 2010, at 9:19 AM, Jeremy Cowgar wrote: >> >> We could implement attachments for wiki pages and tickets and stuff >> the auxiliary files in an attachment. >> >> You could keep the code and documention in separate repositories. >> >> Wiki attachments seems like the right approach. The file format is >> designed to support wiki attachments - I've just never implemented >> them. It isn't something that I can add in 5 minutes.... >> > > Attach javascript code such as jQuery, TinyMCE and a few others to a > wiki page so I can access them via the theme? I'm a bit confused. > > Wouldn't it just be simpler to have a new security attribute, say > RdDoc? Then the /doc web handler can check okRead || okRdDoc ?
If you can read using /doc, then you might as well just turn on okRead, because a user can read out the text of any source code file they want. If /doc can read javascript files out of the repository, what is to stop it from reading any other source file out of the repository? D. Richard Hipp d...@hwaci.com _______________________________________________ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
