X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/fe350e8b895be69471fad094fcdcf0b4c7d3beb3..651cdd4b2a85f4e5f9d298a7eea7d0e6d94442b1:/doc/todo/Restrict_page_viewing.mdwn?ds=sidebyside

diff --git a/doc/todo/Restrict_page_viewing.mdwn b/doc/todo/Restrict_page_viewing.mdwn
index 9c1889d63..69b15a187 100644
--- a/doc/todo/Restrict_page_viewing.mdwn
+++ b/doc/todo/Restrict_page_viewing.mdwn
@@ -37,3 +37,11 @@ much more maintainable htaccess file.
 
 >>>> Yes, I think this could probably be used in combination with ikiwiki's
 >>>> httpauth and openid plugins. --[[Joey]] 
+
+>>>>> If you use the httpauth and the cgiauthurl method, you can restrict a path 
+>>>>> like /private/* to be accessible only under the authenticated request uri.
+
+>>>>>> Note that if editing is enabled, then you should set the restriction in
+>>>>>> [[plugins/lockedit]]'s locked_pages too
+>>>>>> or they may be able to view pages by editing the page= value in the editor's
+>>>>>> query string. --[mjr](http://mjr.towers.org.uk/)