X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/13331e8243ae1eb5fafc0de14fb98990aafafa9c..d60420b0a012b099653ecd4ed582f37662af260a:/doc/todo/Zoned_ikiwiki.mdwn?ds=sidebyside diff --git a/doc/todo/Zoned_ikiwiki.mdwn b/doc/todo/Zoned_ikiwiki.mdwn index 24fe22133..c2dfb7a24 100644 --- a/doc/todo/Zoned_ikiwiki.mdwn +++ b/doc/todo/Zoned_ikiwiki.mdwn @@ -107,6 +107,12 @@ that header might not be needed in the request, and care may be needed to config the server to emit other necessary response headers to discourage caching of content from a private zone. +*Drawbacks:* Not yet implemented, someone would have to do it. +It's not clear [[what code changes fastcgi|todo/fastcgi or modperl installation instructions]] +would require in ikiwiki. An Authorizer seems like a good place to start because of its +limited, simple functionality--but as it could make use of any ikiwiki-supported auth method, +evaluate `PageSpec`s, and the like, it could still run a non-trivial amount of the code. + ## Obstacles A number of ikiwiki features aren't (yet) designed with zoning in mind, @@ -117,6 +123,21 @@ but I'll begin it here. Note that not all of these issues will be problems for all **zoned ikiwiki use cases**. +### Leakage of page existence by `do=goto` + +An unauthorized client can use a `do=goto` request to find out whether a +page exists (will be forbidden to view it) or not (will be forbidden to create it). + +My first idea was to fix this all within [[plugins/contrib/signinview]] by hooking +`cgi` first and checking for `goto` and an unauthorized page. But checking authorization +requires session info, not loaded at `cgi` hook time. Next idea was to somehow skip the rest of +the chain of `cgi` hooks, preventing `goto` from handling the request, and handling +it again in `sessioncgi`. But 'skip the rest of this chain' doesn't seem to be something +a hook can return. + +Hmm, maybe change the `do` parameter to something other than `goto` before the `goto` hook +can see it, _then_ handle it later in `sessioncgi`? + ### Backlinks What is problematic is when you link a public page in a private page :