On Tue, Mar 13, 2012 at 11:24 AM, Lance Java wrote:
> Ok, just be very careful. For instance if you force a top level directory
>
> File file = new File(TOP_LEVEL, request.getParamter("file");
>
> A hacker can still try
> http://site/read-file?file=../../../admin/passwords.xml
Yes nice example.
Ok, just be very careful. For instance if you force a top level directory
File file = new File(TOP_LEVEL, request.getParamter("file");
A hacker can still try
http://site/read-file?file=../../../admin/passwords.xml
If I were you, I would abstract reading from / writing to files by a
Resource inte
Hey Lance,
Thanks for taking time to look at this.
The code you suggested is a servlet implementation of the javascript editor
component.
We won't use this approach. The javascript component will be integrated
with tapestry and the request/response cycles will be passing parameters in
urls/getting
I'm always very wary of servlets that allow access to a filename passed in
as a request parameter... you are potentially opening up complete access to
your server if you are not careful. Before introducing something like this
into your application you must do a security audit on it
https://github.
Hi Ville,
We decided to go with http://elfinder.org/.
The discussion is on the tynamo dev list.
It's BSD licensed, the code is pretty clean, it's actively developed. and
it looks pretty stable.
I'll integrate it very shortly (this week) and give you a link to a demo,
or just follow the list.
If it
Hi,
CKFinder is commercial product with no freeware licensing model afaik.
However their prices are so low that I'd be happy to pay if the product is
good. Then the ckeditor component should only provide a bridge to their java
implementation and let the developer using the component to provide the
If you are editing raw html or javascript then you should also consider the
Ace code editor http://ace.ajax.org/ Mozilla tri-license (MPL/GPL/LGPL)
Demo here http://ace.ajax.org/build/kitchen-sink.html
Cheers,
Lance.
On Sunday, 11 March 2012, Dragan Sahpaski wrote:
> Hi,
> On Sun, Mar 11, 2012
Hi,
On Sun, Mar 11, 2012 at 10:54 AM, Ville wrote:
> Hi,
>
> it is way cleaner, but essentially just provides the ckeditor. It is
> missing
> solution for proper file upload capabilities and associated security checks
> etc. Take a look at http://www.neele.name/filebrowser/ckeditor.php for an
> e
Hi,
it is way cleaner, but essentially just provides the ckeditor. It is missing
solution for proper file upload capabilities and associated security checks
etc. Take a look at http://www.neele.name/filebrowser/ckeditor.php for an
example. This is needed by us to provide "edit the whole page wysiw
Dragan's tapestry-ckeditor is now available as Tynamo module
(https://nexus.codehaus.org/content/groups/snapshots-group/org/tynamo/tapestry-ckeditor/0.0.1-SNAPSHOT/).
I did evaluate yours/the fckeditor on Kenai but Dragan's approach
seemed cleaner. Are the any major advantages or features this cod
Hi,
if there is need to dual / triple license, I'm happy to add those. Also, if
anyone is interested to continue the work on T5 fck/ck editor I'm more than
happy to share it under any license wished.
We've been using the CK variant in production about a year but I have never
had the time to finis
Sounds great! Thanks!
On Mar 8, 2012, at 11:49 PM, Kalle Korhonen wrote:
> For the brave souls, there's now
> http://svn.codehaus.org/tynamo/trunk/tapestry-editablecontent/ and the
> initial snapshots available at
> https://nexus.codehaus.org/content/groups/snapshots-group/org/tynamo/tapestry
For the brave souls, there's now
http://svn.codehaus.org/tynamo/trunk/tapestry-editablecontent/ and the
initial snapshots available at
https://nexus.codehaus.org/content/groups/snapshots-group/org/tynamo/tapestry-editablecontent/0.0.1-SNAPSHOT/.
Kalle
On Sat, Feb 18, 2012 at 8:53 AM, Kalle Korho
On Sat, Feb 18, 2012 at 6:48 AM, Tiger Gui wrote:
> It seems to be built base on FCKeditor for T5, i think it can really
> works. Does Tapestry team consider creating a T5 build in rich-text
> editor ?
FCKEditor is not Apache license and can therefore never be part of T5
core project, nor does it
It seems to be built base on FCKeditor for T5, i think it can really
works. Does Tapestry team consider creating a T5 build in rich-text
editor ?
2012/2/18 based2 :
>> http://t5-easy-fckeditor.kenai.com/
>
>>
> http://citydotmobicms.sourceforge.net/
> http://code.google.com/p/modest-cms/
>
> ==
>
> http://t5-easy-fckeditor.kenai.com/
>
http://citydotmobicms.sourceforge.net/
http://code.google.com/p/modest-cms/
==
https://github.com/bobharner/Tapestry-finder
http://wiki.apache.org/tapestry/Tapestry5ModuleRegistry
http://wiki.apache.org/tapestry/Tapestry5OpensourceApps
--
View this messag
I would love to use something like this.
On Feb 17, 2012, at 11:46 PM, Kalle Korhonen wrote:
> In the past, I've been keeping longer, largely textual content in an
> external wiki system and pulling it out to appropriate locations on
> the main wesite by placing a little wiki components on th
17 matches
Mail list logo
