This is along the lines of what I'd like to see, but as with FND, I'd much rather avoid the negative term "santize_unless" if possible, and have it as "sanitize" instead. I have a hard time getting my head around "sanitize_unless: NONE".
Also, I had in mind the sanitise algorithm would be flexible with a sensible default, so someone could add a plugin with a more/less restrictive sanitize() function. Related to that, how do we know what kind of content this is, for the purpose of sanitisation. I could be HTML, a stylesheet, or Javascript. (I can imagine even JS being sanitised at some point using Caja.) Or it could be some other format for something other than a web doc. On Apr 3, 12:19 pm, FND <[email protected]> wrote: > > Corrupting the data is pretty much exactly what we want here. > > [...] > > If somebody wants text/plain they can PUT text/plain to the server and > > it will be served back that way only. > > That sounds reasonable then. > (Are text/plain PUTs stored differently? I'll look into that to make > sure I properly understand this... ) > > > Changing the data on the way in is easier. > > Absolutely. > That alone isn't a sufficient reason, of course... > > > * The name of the field would be "sanitize_unless". > > * The default would be an empty list. If the list is empty then > > incoming content is not sanitized. > > [...] > > Seems good that way. > Minor concern: I know the name is not final yet, but interpreting > '"sanitize_unless": []' to mean "never sanitize" seems counterintuitive. > > > Some might argue that the default should be NONE or ANY, but that, to > > me, is getting really anti-wiki. I'd rather default to openness and > > protect where necessary. > > I guess this depends on each individual instance's use case. > However, that could probably be solved with a simple (twanager?) plugin > which sets sanitize_unless to NONE or ANY when creating a bag. > > -- F. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TiddlyWikiDev" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/TiddlyWikiDev?hl=en -~----------~----~----~----~------~----~------~--~---
