Changes for page Release Notes for XWiki 5.2 Milestone 2
Last modified by Thomas Mortagne on 2017/03/24
Change comment:
There is no comment for this version
Summary
-
Page properties (2 modified, 0 added, 0 removed)
-
Attachments (0 modified, 1 added, 0 removed)
Details
- Page properties
-
- Author
-
... ... @@ -1,1 +1,1 @@ 1 -XWiki. gdelhumeau1 +XWiki.tdelafosse - Content
-
... ... @@ -14,6 +14,17 @@ 14 14 15 15 <description of feature N> 16 16 17 +== SubWikis Management == 18 + 19 +XWiki Enterprise comes now with the ability for users to create their own subwikis. There is no "workspace" anymore. 20 + 21 +=== SubWiki Creation Right === 22 + 23 +The subwiki creation is now possible for users who has the "subwikicreation" right. This right is only available for the main wiki users, exactly like the Programming Right. 24 + 25 +A new section is available in the administration of the main wiki to manage who has this right. 26 +{{image reference="admin-subwikis.png"/}} 27 + 17 17 == Miscellaneous == 18 18 19 19 * The ##line## [[chart>>doc:extensions:Extension.Chart Macro]] type has two parameters, ##hideShapes## and ##hideLines##, to hide the shapes used to display the data points or to hide the interpolation lines that connect the data points.((( ... ... @@ -29,6 +29,12 @@ 29 29 Now, we force the Compatibility mode for Internet Explorer (IE) browsers to use the latest rendering mode. 30 30 Before, the IE browser displayed all intranet sites in compatibility mode by default. This means that even if the user was using IE9, he saw the content rendered with IE7 standards. Since we don't [[support>>dev:Community.BrowserSupportStrategy]] IE6/7 anymore this lead in displaying broken layout, scrollbars, etc. See [[XWIKI-8907>>http://jira.xwiki.org/browse/XWIKI-8907]]. 31 31 43 +== Choosing which types of attachments can be displayed inline (Security) == 44 + 45 +In order to prevent XSS via FileUpload, a new feature has been added : you can now specify in xwiki.properties which types of attachment can be displayed inline. 46 +In the "Attachment" section of xwiki.properties, you can either precise a whitelist of mimetypes that can be displayed inline, or precise a blacklist of mimetypes that shouldn't be displayed inline (if you use this configuration, it is strongly advised to blacklist at least "text/html" and "text/javascript" mimetypes for security reasons). 47 +Note that attachments provided by PR users won't be affected by these restrictions. 48 + 32 32 == Deprecated and Retired projects == 33 33 34 34 <description of deprecated and retired projects>
- admin-subwikis.png
-
- Author
-
... ... @@ -1,0 +1,1 @@ 1 +XWiki.gdelhumeau - Size
-
... ... @@ -1,0 +1,1 @@ 1 +47.1 KB - Content