MeatballWiki | RecentChanges | Random Page | Indices | Categories

The Rally Cry of DaveWiner of ScriptingNews. Also used in Wikis. The point is that content should be editable via a browser, so you don't need specialized development tools to maintain a site. A geek with SSH Apache, Linux and Vi doesn't need this so much, but even then, HTTP is where the hole in the firewall is.

Better to have separate read and read-write channels. You have to allow public access to one, but not to the other.

Do you disagree with wikis, then?

No - I like them for a special case. I don't like things like WebDAV? and Frontpage Extensions, or even the PUT method in HTTP. Very easy to abuse, and not full featured enough to be really useful (FP extensions and possible WebDAV? may have the features, they're just not implemented well).

I think that the NORMAL mode for changing web content should not be via HTTP. Most web content should not be changeable by the viewer - imagine if I could edit www.cnn.com. If individual sites wish to make special interfaces, let them (admin website for posting stories, etc). The original poster's comments implied he thought rolling everything into one big protocol was the way to go. I much prefer having several small, easy to implement (and debug and secure) protocols.

Well, under Manila ( UserlandManila?, to Wiki-ize it), the editing section is behind password protection. That's what I've done with many of my pages. --DaveJacoby

And you use normal POST method to implement it, right? No need for PUT. And if you want to make it really secure you can require that those edit requests get authenticated and carry out the edits via HTTPS instead of HTTP. scp(1) clients exist for everything under the sun, so if you don't want to code up the edit section under HTTP, you've got a very secure alternative. There's just no need for complicated protocols that try to do everything. Look at monsters like IPSEC and SSL. They're ugly and hard to implement. Protocols like SSH, HTTP, and telnet are much better. (The SSH spec is especially nice, although I might have preferred an ASCII based negotiation, just for programmer clarity).

On most wikis, EditThisPage introduces a mode: you can view the same content in a non-editable and pleasantly displayed manner, or an editable and "raw" mode. As well as failing to be a WysiwygWiki, it also fails to be a truly "HumaneInterface". Many Wysiwyg wikis likewise have a seperate "edit" and "read-only" mode. However, reducing the modes by only having an editable would perhaps be taking EasySubmission too far: this may indicate a conflict between a HumaneInterface and SoftSecurity's reliance on SecurityByObscurity, GuidePosts, UnlockedDoors, etc.

see also http://wiki.recentchangescamp.org/EditThisPage


MeatballWiki | RecentChanges | Random Page | Indices | Categories
Edit text of this page | View other revisions