Hi h0p3 > Is there an idiomatic way to safely import tiddlers from a stranger into a > jail or sandbox in my wiki?
I've used a combination of techniques: * Add a prefix to each title to ensure that tiddlers cannot overwrite core tiddlers. The prefix should also include an identifier for the import operation (e.g. `$:/imports/20181207235473/`) * Add a prefix to all tags (e.g. `$:/safetag/`) * Rename any `module-type` fields to `original-module-type` * Rename any `plugin-type` fields to `original-plugin-type` The precise steps you'll need to take will depend on the design of your wiki. In particular, you need to consider whether any filters you're using to select tiddlers might also pull in such imported tiddlers. Best wishes Jeremy -- Jeremy Ruston [email protected] https://jermolene.com > On 10 Dec 2018, at 00:51, h0p3 <[email protected]> wrote: > > I am always a joy to hear from you, Jed. Even though I've spent a lot of time > in my wiki, I'm still basically just a beginner. You are one of the gurus > here that I am fortunate enough to have the chance to learn from. Thank you > for such a solid answer (and I will gratefully take every scrap of knowledge > you are willing to offer). > > I have officially migrated to Bob today! I'm still pumping out them single > files, but I'm loving this luxury (when I'm not broke as fuck, I will be > donating, sir; it seems likely to me that your software is the future of > developing TW, imho). > > I do not intend to import from the wiki but from outside because Bob makes > that a pleasant experience. I was thinking about writing a sanitization tool > to strip (among other things) unacceptable tag, fields, CSS, and buttons > before pushing .tid files into the tiddler directory, although I'm not sure > what I will actually need to strip out for CSS. But, from the sounds of it, > Bob's server images plugin may be a better tool. > > I serve my wiki as a static index html file, and I aim to keep it that way. I > intend to enable extended family, friends, and perhaps even strangers to > safely write into my wiki (and to enable me to write in theirs if they so > choose) through some kind of P2P or Federated network (resilio sync, dat, > IPFS, and tox are my primary contenders right now [why not all?]), but I may > also scrape singlefile wikis. I'm still not sure how I want to do it, > especially since I'm brand new to Bob (it appears there are many ways to do > this using Bob, and I may not have the best one). This is the fuzzy idea so > far. TWederation based on something like DHT (where the key rather than > control of a domain name) is what I'm shooting for. Again, Bob looks like the > way forward, even though I clearly have no idea what I'm doing. > -- > You received this message because you are subscribed to the Google Groups > "TiddlyWiki" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/tiddlywiki. > To view this discussion on the web visit > https://groups.google.com/d/msgid/tiddlywiki/3d497a41-50f4-4650-a14b-e1a6c6b82257%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "TiddlyWiki" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/tiddlywiki. To view this discussion on the web visit https://groups.google.com/d/msgid/tiddlywiki/0ABA6E97-84E2-43EA-9F55-E177F48C5EA3%40gmail.com. For more options, visit https://groups.google.com/d/optout.
