History: Plugin Security

View published page Collapse Into Edit Sessions

Preview of version: 14

By default, Wiki Syntax is designed to be safer than HTML. If we let users just use any HTML & Javascript, some could do nasty things like XSS.

Thus, when a plugin is potentially insecure, it must be approved by someone with appropriate permissions.

The permissions involved are:

Permission	Description
tiki_p_plugin_approve	Can approve plugin execution
tiki_p_plugin_preview	Can execute unapproved plugin
tiki_p_plugin_viewdetail	Can view unapproved plugin details

Plugins can be enabled or disabled on a site wide basis by an admin. So if you don't need it, turn it off.

Enable pagination rows per page

Information	Version
Thu 17 Feb, 2022 17:15 GMT-0000 Marc Laporte	17
Thu 17 Feb, 2022 17:14 GMT-0000 Marc Laporte	16
Thu 17 Feb, 2022 17:00 GMT-0000 Marc Laporte	15
Mon 18 May, 2020 17:32 GMT-0000 luciash d' being 🧙	14
Thu 24 May, 2012 10:53 GMT-0000 Xavier de Pedro added to another structure too	13
Thu 24 May, 2012 10:53 GMT-0000 Xavier de Pedro added to one structure	12
Thu 24 May, 2012 10:49 GMT-0000 Xavier de Pedro	11
Thu 03 Mar, 2011 15:19 GMT-0000 luciash d' being 🧙 Image Plugin modified by editor.	9
Thu 03 Mar, 2011 15:19 GMT-0000 luciash d' being 🧙 Image Plugin modified by editor.	8
Thu 03 Mar, 2011 15:15 GMT-0000 luciash d' being 🧙	7
Sun 19 Sep, 2010 17:31 GMT-0000 Marc Laporte	6
Sun 19 Sep, 2010 17:18 GMT-0000 Marc Laporte Image Plugin modified by editor.	5
Sun 19 Sep, 2010 17:16 GMT-0000 Marc Laporte Image Plugin modified by editor.	4
Thu 10 Sep, 2009 03:44 GMT-0000 Marc Laporte	3
Tue 08 Sep, 2009 16:18 GMT-0000 Marc Laporte	2
Tue 08 Sep, 2009 16:10 GMT-0000 Marc Laporte	1