Excellent points, John. Most users will indeed not review the full text of every single tiddler they import. I'm now thinking that pointing out which ones should indeed be reviewed more explicitly would be both easy and worthwhile.
At the tm-import-tiddlers widget level, any JS that's being imported could be flagged, with a simple highlight inviting the user to review the code before confirming the import when standard declared JS is detected, and a more insistent alert when the code is hidden or obfuscated (as in Finn's Base64 example). A simple exhaustive filter search should be able to cover all or most cases, including content-type=application/javascript, <script>, <object>, <iframe>.

I feel (at my very modest level of understanding) that this would add a significant extra layer of security when drag-and-dropping, as users could react when seeing JavaScript being imported where none was expected — when simply importing a random content tiddler, for instance.

Given that new JS is only executable after rebooting the TW instance, even if the potentially malicious code is executed while parsing the imports, it shouldn't prove too much of an issue: the user with sudden doubts could immediately delete the imports and avoid any potential issues, and would be invited to then share any concern with the TW community to understand if anything is wrong and nip the problem in the bud.

Best,
R²
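As an added illustration of the two-tier check sketched in the message above (a plain "review" highlight for declared JavaScript or active markup, a stronger "alert" for code hidden in a base64 blob), here is a stand-alone JavaScript classifier. It is example code, not part of TiddlyWiki or of the tm-import-tiddlers widget. It assumes imported tiddlers arrive as plain objects carrying the standard `title`, `type` and `text` fields; the detection patterns, the 40-character base64 threshold, the level names and the sample tiddlers are all this example's own constructions.

```javascript
// Added example: a pre-import scanner that grades each tiddler as "ok",
// "review" or "alert" so the import dialog could highlight the risky ones.
// Not TiddlyWiki code; field names (title/type/text) are the standard ones,
// everything else here is assumed for illustration.

const RANK = { ok: 0, review: 1, alert: 2 };

// Content types that declare the tiddler as executable JavaScript.
const DECLARED_JS_TYPES = new Set(["application/javascript", "text/javascript"]);

// Markup that can run or embed code when rendered as HTML.
const ACTIVE_TAG_RE = /<\s*(script|object|iframe|embed)\b/i;

// A long run of base64-alphabet characters: a candidate for hidden payloads.
// Threshold of 40 chars is an assumption chosen to skip short tokens.
const BASE64_RUN_RE = /[A-Za-z0-9+/]{40,}={0,2}/g;

// If a decoded blob contains any of these, treat it as script-like.
const CODE_MARKER_RE = /\b(eval|function|document|window|require|location)\b|<\s*script/i;

// Base64 helpers that work both in the browser (btoa/atob) and in Node.
const toBase64 = (s) =>
  typeof btoa === "function" ? btoa(s) : Buffer.from(s, "utf8").toString("base64");
const fromBase64 = (s) => {
  try {
    return typeof atob === "function" ? atob(s) : Buffer.from(s, "base64").toString("utf8");
  } catch (e) {
    return ""; // not valid base64 after all: nothing to inspect
  }
};

// Grade one tiddler. Returns { title, level, reasons }.
function classifyTiddler(t) {
  const text = typeof t.text === "string" ? t.text : "";
  const reasons = [];
  let level = "ok";
  const bump = (to, why) => {
    reasons.push(why);
    if (RANK[to] > RANK[level]) level = to;
  };

  // Tier 1: openly declared JavaScript, or markup that embeds active content.
  if (DECLARED_JS_TYPES.has(t.type)) bump("review", `declared JavaScript type ${t.type}`);
  const tag = text.match(ACTIVE_TAG_RE);
  if (tag) bump("review", `contains <${tag[1].toLowerCase()}> markup`);

  // Tier 2: base64 blobs that decode to something that looks like code.
  for (const run of text.match(BASE64_RUN_RE) || []) {
    if (CODE_MARKER_RE.test(fromBase64(run))) {
      bump("alert", "base64 blob decodes to script-like content");
      break;
    }
  }
  return { title: t.title, level, reasons };
}

// Grade a whole import batch.
function classifyImport(tiddlers) {
  return tiddlers.map(classifyTiddler);
}

// One line per tiddler, suitable for showing next to the import checkboxes.
function describeImport(tiddlers) {
  return classifyImport(tiddlers).map(
    (r) => `${r.level.toUpperCase().padEnd(6)} ${r.title}${r.reasons.length ? " - " + r.reasons.join("; ") : ""}`
  );
}

// Constructed sample batch (not real tiddlers from anyone's wiki).
const SAMPLE_IMPORT = [
  { title: "Shopping list", type: "text/vnd.tiddlywiki", text: "eggs, milk, bread" },
  { title: "$:/plugins/example/hello.js", type: "application/javascript",
    text: "exports.hello = function() { return 1; };" },
  { title: "Embedded page", type: "text/vnd.tiddlywiki",
    text: '<iframe src="https://example.com/embed"></iframe>' },
  { title: "Innocent-looking note", type: "text/vnd.tiddlywiki",
    // Harmless statement, base64-encoded so it is not visible at a glance.
    text: "Nothing to see here: " + toBase64('document.title = "changed by hidden code"') },
];

if (typeof require !== "undefined" && typeof module !== "undefined" && require.main === module) {
  console.log(describeImport(SAMPLE_IMPORT).join("\n"));
}
```

The two tiers map onto the proposal in the message: a "review" result is the simple highlight, an "alert" result is the insistent warning. A real integration would run this over the tiddlers listed by the import widget before the user confirms, and would need to decide how to treat binary tiddlers (images stored as base64), which this example only avoids by requiring the decoded blob to contain script-like markers.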

