 |
|
Item2047: it seems odd that INCLUDE of a url starting with ATTACHURL or PUBURL would be denied with 'This site does not allow %INCLUDE of URLs'
Priority: Enhancement
Current State: Duplicate
Released In: n/a
Target Release: minor
Current State: Duplicate
Released In: n/a
Target Release: minor
Agreed, it does. However the code has to be careful to ensure that there is no way for the path to be abused e.g. with relative path specifiers. Note also this isn't as simple as it seems. If
viewfile is in use, you can't short-circuit the URL to fetch the file directly, because you might be violating access controls. Fetching the URL by a request also might be a bad idea - there may be a good reason URL fetches are disallowed (such as proxy issues).
Confirmed, as an enhancement.
-- CrawfordCurrie - 25 Jun 2010
Closed as duplicate of Item8906. I created %$FOSWIKIAUTHORS% BuildContrib var back in Item9416 to stop this error on default installs.
-- PaulHarvey - 22 Feb 2012 ItemTemplate edit
| Summary | it seems odd that INCLUDE of a url starting with ATTACHURL or PUBURL would be denied with 'This site does not allow %INCLUDE of URLs' |
| ReportedBy | SvenDowideit |
| Codebase | |
| SVN Range | Foswiki-1.0.0, Thu, 08 Jan 2009, build 1878 |
| AppliesTo | Engine |
| Component | INCLUDE |
| Priority | Enhancement |
| CurrentState | Duplicate |
| WaitingFor | |
| Checkins | |
| TargetRelease | minor |
| ReleasedIn | n/a |
| CheckinsOnBranches | |
| trunkCheckins | |
| Release01x01Checkins |
Edit | Attach | Print version | History: r5 < r4 < r3 < r2 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r5 - 22 Feb 2012, PaulHarvey
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. 
Legal Imprint Privacy Policy
Legal Imprint Privacy Policy