On Wed, May 25, 2011 at 9:45 AM, Fabien Chéreau <[email protected]> wrote: > On Wed, May 25, 2011 at 03:52, Alexander Wolf <[email protected]> wrote: >> 2011/5/25 Fabien Chéreau <[email protected]>: >>> This approach has several advantages: it will be much easier for >>> contributors to translate the website, it will be easier to manage >>> updates, the whole code will be stored in the main Stellarium bzr. >> >> I would prefer not to load a website in the main repository of Stellarium's. > > Why? If the doc and wiki directories are omitted it would add only 4mb.
It may be a source of conflicts when merging branches into the trunk. The less merge conflicts, the better. >>> 2- There may be some security issues by allowing untrusted people to >>> edit the translated website content in launchpad (like injection of >>> javascipt etc..). A solution could be to allow only trusted people to >>> edit the translations on launchpad, but unfortunately the permissions >>> management for project translation in LP is unfortunately not very >>> flexible and as far as I understood, I don't think it's possible. >> >> This issue is being addressed through changes policy permissions for >> the translation project - > > I don't see how. > >> but you can not specify different policies >> for different "domain's" within one project. > > It's another problem yes. I suggest using the existing stellarium-website project, though I don't see how we can avoid code injection. Perhaps using the PHP script that includes the text to strip tags? If this is going to be a security vulnerability, I suggest abandoning the plan. Our website is visited by a lot of people. Regards, Bogdan Marinov ------------------------------------------------------------------------------ vRanger cuts backup time in half-while increasing security. With the market-leading solution for virtual backup and recovery, you get blazing-fast, flexible, and affordable data protection. Download your free trial now. http://p.sf.net/sfu/quest-d2dcopy1 _______________________________________________ Stellarium-pubdevel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/stellarium-pubdevel
