HTML security issues making WW look bad to would-be adopters
Status: Beta
Brought to you by: worden
As discussed on http://lalashan.mcmaster.ca/theobio/projects/index.php/WorkingWiki/Security and http://www.mediawiki.org/wiki/Extension:WorkingWiki, WW can't currently be used on publicly editable wikis because it allows project editors to create HTML project files that can do subversive things in users' browsers (i.e. it has XSS and more generally HTML injection vulnerabilities).
We consider this an okay situation because WW is mainly designed for wikis restricted to trusted editors. However, WW could also implement powerful wikis for public collaboration if the security concerns were addressed.
Anonymous
There is code in WW, based on the code MediaWiki uses to validate files during upload, to validate HTML project files before displaying them. However, we disabled the feature on our wikis because it was generating false positives on LaTeXML output, so it hasn't been getting testing and bug fixes. So it isn't known whether it does the job adequately.
Or http://htmlpurifier.org/ may be a good tool to solve this problem.
Also it's probably worth documenting here that this bug is the reason for the big red warning on http://www.mediawiki.org/wiki/Extension:WorkingWiki, and that warning is probably a major barrier to adoption of WW by people we don't know.
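The approach the ticket describes, validating an HTML project file against an allowlist before the wiki displays it, is what HTML Purifier does in PHP. The following is an added, minimal illustration of the same idea in Python using only the standard library; it is not WorkingWiki's or MediaWiki's validation code, and the allowed tag and attribute sets, the scheme allowlist and the sample input are all constructed for the example. A few MathML tags are included to show why such an allowlist has to be tuned to the content the wiki actually serves (the ticket notes false positives on LaTeXML output); a real deployment would derive those lists from the files it needs to render.

```python
"""Allowlist-based HTML sanitizer (example code, not WorkingWiki's own).

Drops every tag and attribute not on the allowlist, removes <script>/<style>
with their contents, rejects URL attributes whose scheme is not on the
scheme allowlist, and re-escapes all text so entities cannot smuggle markup.
"""
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed allowlists for the example; tune to the site's real content.
ALLOWED_TAGS = {"p", "br", "b", "i", "em", "strong", "a", "img", "pre", "code",
                "ul", "ol", "li", "table", "tr", "td", "th", "h1", "h2", "h3",
                "div", "span", "math", "mi", "mo", "mn", "mrow", "msup"}
ALLOWED_ATTRS = {"href", "src", "alt", "title", "class", "id", "colspan", "rowspan"}
URL_ATTRS = {"href", "src"}
SAFE_SCHEMES = {"http", "https", "mailto", ""}   # "" means a relative URL
DROP_WITH_CONTENT = {"script", "style"}          # tag and body both removed
VOID_TAGS = {"br", "img", "hr"}                  # never pushed on the open stack


def _safe_url(value):
    """True if the URL's scheme is allowed. Tabs/newlines are stripped first,
    since browsers ignore them inside a scheme (e.g. 'java\\tscript:')."""
    cleaned = "".join(ch for ch in value if ch not in "\t\r\n").strip()
    return urlparse(cleaned).scheme.lower() in SAFE_SCHEMES


class AllowlistSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)  # decode entities, re-escape below
        self.out = []          # sanitized output fragments
        self.open_tags = []    # allowed tags currently open, for balancing
        self.skip_depth = 0    # >0 while inside a dropped-with-content tag
        self.removed = []      # audit trail of what was stripped

    def handle_starttag(self, tag, attrs):
        if self.skip_depth:
            if tag in DROP_WITH_CONTENT:
                self.skip_depth += 1
            return
        if tag in DROP_WITH_CONTENT:
            self.skip_depth = 1
            self.removed.append(tag)
            return
        if tag not in ALLOWED_TAGS:
            self.removed.append(tag)
            return
        kept = []
        for name, value in attrs:
            if name not in ALLOWED_ATTRS or value is None:  # covers on*, style
                self.removed.append(name)
                continue
            if name in URL_ATTRS and not _safe_url(value):
                self.removed.append(f"{name}={value}")
                continue
            kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")
        if tag not in VOID_TAGS:
            self.open_tags.append(tag)

    def handle_endtag(self, tag):
        if self.skip_depth:
            if tag in DROP_WITH_CONTENT:
                self.skip_depth -= 1
            return
        if tag in self.open_tags:            # close everything down to it
            while self.open_tags:
                top = self.open_tags.pop()
                self.out.append(f"</{top}>")
                if top == tag:
                    break

    def handle_data(self, data):
        if not self.skip_depth:
            self.out.append(escape(data, quote=False))

    # Comments, doctype/processing instructions carry no content worth keeping.
    def handle_comment(self, data):
        pass

    def handle_decl(self, decl):
        pass

    def handle_pi(self, data):
        pass


def sanitize_html(html):
    """Return (sanitized_html, list_of_removed_items)."""
    parser = AllowlistSanitizer()
    parser.feed(html)
    parser.close()
    while parser.open_tags:                  # balance anything left open
        parser.out.append(f"</{parser.open_tags.pop()}>")
    return "".join(parser.out), parser.removed


# Constructed sample of a hostile "project file" mixing real content with
# script, a javascript: link and inline event handlers.
SAMPLE = ('<p>Model output: <b>x</b> = 3</p>'
          '<script>document.cookie</script>'
          '<a href="javascript:alert(1)" onclick="alert(2)">link</a>'
          '<a href="https://example.org/notes">notes</a>'
          '<img src="data.png" onerror="alert(3)">')

if __name__ == "__main__":
    clean, dropped = sanitize_html(SAMPLE)
    print(clean)
    print("removed:", dropped)
```

The `removed` list is the useful part for the situation the ticket describes: logging what the validator stripped, rather than silently rejecting the whole file, makes it possible to see whether rejections on legitimate output (the LaTeXML case) are false positives or genuinely unsafe markup, and to grow the allowlist from evidence.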