]] Frank Lin PIAT | I am not sure to understand what you want. | It is certainly possible to change the behavior, if it is safe. | | If I were you, I would use curly brackets, like for all code samples:
I want it to be a URL in the generated text. AFAIK code samples are not clickable URLs. [...] | > I find it quite disconcerning that the what upstream considers | > configuration isn't shipped in /etc and marked as configuration files in | > the package, though. | | You should blame us, the Debian package maintainer, not upstream: | Upstream provide a tarball that is meant to be decompressed (typically | in /srv/foo). I don't see how that is relevant? If the allowed URL schemas is supposed to be configurable, that bit of code should be in /etc or be overridable from a file in /etc. | Adding a protocol has important security implication: | - disclosing credential | - DoS attacks (locking accounts...) | - cross site scripting attacks | etc. | The main problem is that wikis are usually public, so anyone can add | arbitrary link. Given you can't accidentially disclose credentials any more by having something be a link than you can do so by putting it inline in a text on a page, I don't really see that as a valid reason. As for DoS attacks, why would they happen just because something is a link? | > I believe this is a release critical bug, but I'd | > appreciate your input on it before filing it. | | MoinMoin/config/__init__.py is not a configuration file, but the | "source" code, that needs to be modified before compilation. | (I understand that you are reluctant to do so, for security reason). | So what is/are the protocol(s) that you want/need? then we'll have to | figure out (your help is welcome): In my specific case, git. | - Does Debian or Windows or MacOS handle it? (with a popular tool) Yes, using git. | - Are those URL scheme documented No idea. | - Are there security issues I don't see what kind of issues that should be, no. -- Tollef Fog Heen UNIX is user friendly, it's just picky about who its friends are -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
