This is an old revision of the document!
Table of Contents
Display File Plugin
Compatible with DokuWiki
- 2020-07-29 "Hogfather" yes
- 2018-04-22 "Greebo" yes
- 2017-02-19 "Frusterick Manners" yes
- 2016-06-26 "Elenor Of Tsort" yes
This plugin offers a single custom element,
displayfile, that takes two arguments,
target. The element is self-closing and should not be used as an open/close pair.
|< 100% - - 100% >|
| ||yes||The language of the content file. This is used by Dokuwiki's built-in syntax highlighting GeSHi library. To disable syntax highlighting, specify a dask (-) character for the lang value. The supported lang values are the same as those provided by Dokuwiki's <code> and <file> markup and can be found on the Dokuwiki syntax page: Syntax Highlighting|
| ||yes|| The specific part of a file path to the desired file on the local file system. This will be appended to the value of the plugin's
The Display File Plugin has three settings that can be set in the Dokuwiki Configuration Manager:
- Root Path (
root_path) - Specifies the root directory displayed file paths will evaluate relative to. The default value is an empty string, which effectively disables the plugin.
- Deny Extensions List (
deny_extensions) - A space separated list of extensions that should disallowed by the
displayfileelement. The deny list supersedes the allow list. An empty list means no extension is explicitly disallowed. The default list includes
- Allow Extension List (
allow_extensions) - A space separated list of extensions that should allowed by the
displayfileelement. An empty list means any extension not in the deny list will be allowed. The default list includes
- Fix any bugs that are reported.
- Update as necessary for future Dokuwiki versions.
Some level of threat is inherent in the very purpose of this plugin, displaying the contents of files from the local file system. To avoid path traversal attacks, the admin is provided with a configuration option for specifying the root directory path where displayable files are located. Validation is done to ensure that no files outside that root path are displayed and, further more, user-facing error messages have been generalized to remove the chance of ambient data probing. In addition, both allow and deny list configuration options exist to further control what files are and aren't displayable. Any security concerns or suggestions are welcome and should be raised on the Issue Tracker.
Bugs should be reported through the Issue Tracker.
- There are currently no know bugs.
Discussion should be kept on the Plugin's Discussion Page.