WikiForum · The mailing list for Wiki administrators
Re: [WikiForum] Disable HTML in Wiki Text?

Iain Shigeoka wrote:
> From my limited experience, I think a larger danger than actual
> malicious code (ala scripts, etc) is just broken html. We will often
> get confusion when a <table> tag goes unclosed within the wiki
> text (it messes up the entire page formatting and usually results in
> a very broken document).

Easy collaboration is the most important aspect of Wiki
systems, therefore the system should be forgiving to
not perfectly formatted text. It would be easy to fix
incomplete HTML at runtime when rendering a page: Check
the number of nested <table> tags that are open and
close them when necessary ( </table> ). Do the same for
the <form>, <font>, <blockquote> tags.

> It may be beneficial to come up with wiki markups for the remaining
> commonly used html tags to eliminate both security and
> malformed document problems. If anything, it's the wiki markups
> that distinguish wiki from other collaborative document systems
> (aka domino, etc). So, even if you don't want to use them all, it
> may be good to standardize on a comprehensive set of wiki
> markups just to maintain cohesion.

I agree that a good and easy to remember wiki mark-up
avoids HTML coding errors. As an example, TWiki has
a simple table mark-up that looks like this

| Cell A1 | B1 | C1 |
| A2 | B2 | C2 |
| A3 | B3 | C3 |

It gets rendered as a simple HTML table, there is
control over cell spacing, line width, justification
and so on, but it is simple to remember and use, and
serves 80% of the cases.

> As far as TWiki in particular is concerned, I think the big decision
> is how easily does the code need to make switching between wiki
> "modes". Adding markups to the parser is relatively easy.
> Removing tags is a bit more work. Right now, you have to go into
> the wiki parser and comment out each tag you don't want. In
> addition, you must explicitly change the code if you don't match
> the "allow html" mode that TWiki ships with. Should this be a set
> of flags in the wikicfg instead? Or maybe a security mode setting,
> high security meaning no html tags, large wiki tag set, medium
> being limited html tags (tags from a "white list" of safe html),
> medium wiki tag set, and low security being allow any html tags
> and use the medium wiki tag set?

As Bob Racko stated in his reply, it is better not to
restrict on a certain set of HTML tags, because HTML
is a moving standard.

For our support community it is better to have HTML
enabled by default. For other communities it could be
made configurable with a global $allowHtml flag. If
set to zero, HTML is disabled, if set to 1 it is allowed
between <html> and </html> tags, if set to 2 it is
allowed by default.

John DeBruyn pointed out in his reply, that the very
foundation of wiki is trust among those who access the
wiki. I totally agree. Observing the actual use of Wiki
systems proves that it works well: The community is
monitoring postings, non-conforming text (if by mistake
or by purpose) is usually corrected by other members in
the community within a short time. This is a self-
regulating system, not unlike the 5 family communities
in the old Edo-period in Japan, that had the function to
judge and police the members of the community.

-- PeterThoeny - 05 Mar 2000
-- http://www.mindspring.com/~peterthoeny/twiki/

(PS: BTW, the Starship server that is hosting TWiki is
down today)



Mon Mar 6, 2000 8:22 am

peter.thoeny@...
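
The two ideas in the message above, render-time closing of unclosed tags and a three-valued $allowHtml setting, sketched in Python as an added example; this is not TWiki's code and not part of the original post. The function names are hypothetical, "disabled" is assumed to mean that markup is escaped to text, and the balancer goes slightly beyond the message by also handling mis-nested and stray closing tags.

```python
import html
import re

# Tags the message names as candidates for automatic closing.
BALANCED = ("table", "form", "font", "blockquote")
TAG_RE = re.compile(r"<(/?)(%s)\b[^>]*>" % "|".join(BALANCED), re.I)
HTML_BLOCK_RE = re.compile(r"<html>(.*?)</html>", re.I | re.S)

def close_open_tags(text):
    """Return text with every BALANCED tag closed (hypothetical helper)."""
    out, stack, pos = [], [], 0
    for m in TAG_RE.finditer(text):
        out.append(text[pos:m.start()])
        pos = m.end()
        closing, name = m.group(1), m.group(2).lower()
        if not closing:
            stack.append(name)
            out.append(m.group(0))
        elif name in stack:
            # Close inner tags that were left open, then the tag itself.
            while True:
                top = stack.pop()
                out.append("</%s>" % top)
                if top == name:
                    break
        # A closing tag with no matching opener is dropped.
    out.append(text[pos:])
    # Anything still open at the end of the page is closed here.
    out.extend("</%s>" % t for t in reversed(stack))
    return "".join(out)

def render(text, allow_html):
    """allow_html: 0 = disabled, 1 = only inside <html>...</html>, 2 = allowed."""
    if allow_html == 2:
        return close_open_tags(text)
    if allow_html == 0:
        return html.escape(text)  # assumption: disabled means shown as text
    out, pos = [], 0
    for m in HTML_BLOCK_RE.finditer(text):
        out.append(html.escape(text[pos:m.start()]))  # outside the block
        out.append(close_open_tags(m.group(1)))       # inside the block
        pos = m.end()
    out.append(html.escape(text[pos:]))
    return "".join(out)
```

Balancing only repairs page layout; in modes 1 and 2 the markup itself still reaches the browser unfiltered.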