as it turned out when fixing a bug:
people where using it (the bug!) to view HTML pages uploaded by they in
iframes. This was explained here:
I've found a simple solution to that. Say you have uploaded a file:
What about having this server as text/plain (HTML source is rendering)
with the original address, and with the special URL:
being server as text/html. This would solve the problem, because no
and users would get their iframes working (if they change the URL to
load into the iframe)
What do you think about this?
this wouldn't work for now, because it's just an idea of how to solving
this. But this should work well, and this does not require so much work
I have an intresting question about this theme ( html iframed ) with PHP
Please have a look and try to explain why this is working now under
( I do not understand why)
Von: wik...@googlegroups.com [mailto:wik...@googlegroups.com] Im Auftrag
Gesendet: Samstag, 03. Mai 2008 10:39
An: temporary wikidot dev-list
Betreff: Re: Hosting HTML files the right way
I would be uploaded once (as you normally do), but it will be served on
1. the old one:
2. the new one:
with the difference of how it is served by our servers. The first HTML
file will be server as text/plain (and therefore your browser will
display the source of it).
The second file will be be server as text/html (and the browser will
normally render HTML).
So if you want to embed a HTML into an iframe you need to upload a file
as normally and then create a page with an iframe with "static" added
to the normally used address for the uploaded files.
Hope this clarifies the idea.
Dnia 2008-05-03, o godz. 01:39:04
Helmuti_pdorf <helmut.e...@kabsi.at> napisał(a):
this works fine (on any browser) because the files are not on the
Wikidot servers. It is safe too iframe, embed or link ANY file from
outside of Wikidot, so we don't restrict that.
Dnia 2008-05-03, o godz. 10:50:11
"Helmut Eichberger" <helmut.e...@kabsi.at> napisał(a):
as we have seen many users relying on our security bug (which was
ability to upload a HTML file with the extension .html renamed to
something else), we've decided to provide such a functionality the
If you want to have this possibility you need to slightly change the
way you invoke the [iframe] tag.
Say, you have an iframe with the URL
You just need to change the domain name part and let it render:
This file is safe for us to serve as text/html, and we do it.
Actually now ALL the files you want to be served as html NEED to have
the .html suffix.
The feature is still beta, but should be quite stable. We will also
manage to create some automagical redirects from the
previous-style-links to the new ones if a file has .html suffix,
redirects automaticaly to
THIS ONE IS NOT YET DONE!