Thanks for the responses... I think I've got it (and this confirms my 
understanding), so I'll try to summarize:

As Eric notes, as long as there are no server-side scripts, TiddlyWiki is 
just like any other HTML file, and the fact that visitors can modify 
**their** local "copy" of the wiki in their browser has no impact on my 
server. As long as they don't have write permissions -- thus, we should (as 
I've proposed) do our wiki development in a secure sandbox, and wiki 
serving on the public Web site. And, to repeat, just to be sure I've got it: 
there is nothing different (from a security perspective) about an html that 
happens to be a tiddlywiki and an html file generated by drupal or any 
other content management system.

As Lost Admin (?) correctly notes, giving individuals *edit* privs in 
a TiddlyWiki is a whole different ballgame -- and that is not what I'm 
asking for.

Many thanks for the insights. It's interesting trying to convince info tech 
professionals to hold two contradictory beliefs simultaneously:  that TW is 
really not much different than any other html files you've seen, and that 
TW is radically different than every other application you've ever seen.

//steve.


On Thursday, February 21, 2019 at 10:17:03 AM UTC-5, Lost Admin wrote:
>
> Hi Steve,
>
> On the topic of your first point, TiddlySpot PHP... TiddlySpot uses a 
> program on the server to save the Tiddlywiki file. When you press the save 
> button on your tiddlywiki, it makes a call to the server side program to 
> save itself on the server.
>
> The team is saying they need to review the server side script, apparently 
> written in PHP. I reviewed a variation of that script. In my opinion the 
> version I reviewed is adequate for a hobby site. I would want a lot of 
> enhancements to it for anything serious (but that's just my opinion).
>
> On the second point, there are really 2 issues in the one point. 
>
> First is that anyone with access to save a tiddlywiki on your site could 
> modify the javascript that makes tiddlywiki work. Since tiddlywiki is 
> giving you the ability to edit the javascript within the tiddlywiki, it is 
> easy for anyone who has access to it to modify and save it so that it 
> affects the next person to view the tiddlywiki.
>
> Second is the issue of cross-site-scripting (XSS). That is, because the 
> core of tiddlywiki can be modified by anyone who can save a tiddlywiki, 
> they can have it call outside scripts (this is how things like the Disqus 
> plugin work). The problem is, like the first part, once one person modifies 
> it, it is affected by everyone else who uses the tiddlywiki.
>
> In summary, tiddlywiki requires a very high level of trust in everyone who 
> can edit a tiddlywiki document. As such, it may not be appropriate for 
> environments where you shouldn't place a high level of trust in your users. 
> Like say the students at a University.
>
> The node.js version of Tiddlywiki might be a bit better in addressing the 
> above, but it would still need to prevent the users from saving any 
> javascript.
>
> On Thursday, February 21, 2019 at 9:47:20 AM UTC-5, [email protected] 
> wrote:
>>
>> Hello old friends,
>>
>> I'm working with the CIO at my University to see if it is possible to 
>> serve tiddlywiki files on our Web site.
>>
>> These are two concerns that have been raised:
>>
>>
>>    - Adding the TiddlySpot PHP script to enable rewriting from the 
>>    browser is a potential security vulnerability that needs to be thoroughly 
>>    vetted by the web team. 
>>    - Exposing core JS files that can be publicly edited and have changes 
>>    applied from the browser is a potential XSS vulnerability.
>>
>>
>> Not sure what the first means ("TiddlySpot PHP" script  - I had sent him 
>> a wiki served on TiddlySpot as an example of a page I wanted to host on our 
>> site). Could I eliminate that by building wikis from scratch on the 
>> desktop, or using TiddlyDesktop, or even on google drive?
>>
>> The second - any thoughts? Can changes to the JS be applied from the 
>> browser? 
>>
>> (Is this question better asked in the TiddlyWiki dev group 
>> <https://groups.google.com/forum/#!searchin/TiddlyWikiDev/xss%7Csort:date> 
>> -- a place I've always feared entering... :)?
>>
>> Thanks for your help!
>>
>> //steve.
>>
>>
>>
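The point both Steve's summary and Lost Admin's reply turn on is that a TiddlyWiki served as a plain HTML file is only as safe as the absence of a server-side save script and of write access to the served files. The following is an added example, not code from this thread or from the TiddlyWiki project, of a small deploy-time audit a web team could run over the directory they publish: it flags server-side script files (such as a TiddlySpot-style `store.php`), files writable by group or others, and symlinks that might escape the web root. The extension list, the function names and the sample directory layout are my own assumptions; the `build_sample_site()` fixture is constructed purely so the script runs offline.

```python
import os
import stat
import tempfile
from pathlib import Path

# Extensions that a static-only wiki host should never serve.
# Constructed list (assumption); extend it to match your server's handlers.
SERVER_SIDE_EXTENSIONS = {".php", ".phtml", ".cgi", ".pl", ".asp", ".aspx", ".jsp"}


def audit_static_wiki_dir(root):
    """Return a sorted list of (relative_path, issue) findings for a directory
    that is supposed to contain only read-only static files.

    Three conditions are reported, matching the thread's concerns:
      * a server-side script is present (a browser-driven save path exists),
      * a file is writable by group/others (the web server user could rewrite it),
      * a symlink is present (content may resolve outside the published tree).
    """
    root = Path(root)
    findings = []
    for path in sorted(root.rglob("*")):
        rel = str(path.relative_to(root))
        if path.is_symlink():
            findings.append((rel, "symlink: may resolve outside the web root"))
            continue
        if not path.is_file():
            continue
        if path.suffix.lower() in SERVER_SIDE_EXTENSIONS:
            findings.append((rel, f"server-side script present ({path.suffix.lower()})"))
        mode = path.stat().st_mode
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((rel, "writable by group or others"))
    return findings


def build_sample_site():
    """Create a throwaway directory shaped like a small wiki deployment.
    Constructed fixture (not a real site): one clean wiki file, one
    world-writable wiki file and one PHP save script. Returns the path."""
    root = Path(tempfile.mkdtemp(prefix="tw-audit-"))
    (root / "index.html").write_text("<html><body>static wiki</body></html>")
    os.chmod(root / "index.html", 0o644)            # read-only for the server user
    (root / "notes.html").write_text("<html><body>second wiki</body></html>")
    os.chmod(root / "notes.html", 0o666)            # mistakenly left writable
    (root / "store.php").write_text("<?php /* hypothetical save script */ ?>")
    os.chmod(root / "store.php", 0o644)
    return root


def demo_audit():
    """Build the constructed fixture, audit it and return the findings."""
    return audit_static_wiki_dir(build_sample_site())


if __name__ == "__main__":
    for rel, issue in demo_audit():
        print(f"{rel}: {issue}")
    # Expected on the fixture: notes.html is writable; store.php is a server-side script.
```

Run it against the real publish directory with `audit_static_wiki_dir("/path/to/htdocs")` instead of the fixture; an empty result is what "no server-side scripts and no write permissions" looks like in practice, and a non-empty one is the list to hand to the web team.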

-- 
You received this message because you are subscribed to the Google Groups 
"TiddlyWiki" group.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/tiddlywiki/96fd801e-651a-41a7-9e75-46d00824c999%40googlegroups.com.