Rev 530 | Rev 533 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 530 | Rev 532 | ||
|---|---|---|---|
| Line 1... | Line 1... | ||
| 1 | 1 | ||
| 2 | RECENT STUFF |
2 | RECENT STUFF |
| 3 | - At a lot of forms, if you press "enter", the "form" will not be submitted (e.g. "create ra" plugin), cannot reproduce? |
3 | - At a lot of forms, if you press "enter", the "form" will not be submitted (e.g. "create ra" plugin), cannot reproduce? |
| 4 | - Create a possibility to invoke cronjobs (VTS registration / automatic publishing) via crontab? |
4 | - Create a possibility to invoke cronjobs (VTS registration / automatic publishing) via crontab? |
| 5 | - Default language selection: Either always en-US, or automatical selection depending on browser language, or depending on admin setting (e.g. german companies offer a german repository by default)? |
5 | - Default language selection: Either always en-US, or automatical selection depending on browser language, or depending on admin setting (e.g. german companies offer a german repository by default)? |
| 6 | - Make attachment upload path configurable |
6 | - Re-implement "file completeness check", or better make it check all files with checksums |
| 7 | 7 | ||
| 8 | RFC |
8 | SECURITY Improvements: |
| - | 9 | - Make attachment upload path configurable |
|
| - | 10 | - Small security issue: A visitor can check which plugins are installed by either entering a "goto" command (e.g. "oidplus:vnag_version_check") |
|
| - | 11 | and see which error message appears, or they could try to enter "plugin/adminPages/..." using the web browser and see if the result is HTTP 200 or HTTP 404. |
|
| 9 | - RFC draft was sent to IETF on November 3rd, 2020. Waiting for reply. |
12 | - Secure plugin adminPages/901_vnag_version_check with an optional encryption passwort |
| 10 | 13 | ||
| 11 | IDEAS FOR NEW FUNCTIONALITIES |
14 | IDEAS FOR NEW FUNCTIONALITIES |
| 12 | - Admin plugin "Attachments" with following functionalities: |
15 | - Admin plugin "Attachments" with following functionalities: |
| 13 | * Show every object and its attachments, so that the admin knows what's going on |
16 | * Show every object and its attachments, so that the admin knows what's going on |
| 14 | (Alternatively they can just look in the userdata directory using FTP) |
17 | (Alternatively they can just look in the userdata directory using FTP) |
| Line 55... | Line 58... | ||
| 55 | - XML import: Let the user decide if "created=now" should be set |
58 | - XML import: Let the user decide if "created=now" should be set |
| 56 | - XML import: Waiting animation |
59 | - XML import: Waiting animation |
| 57 | - XML import: If output (errors) is too long, show them in a page rather than an alert() box |
60 | - XML import: If output (errors) is too long, show them in a page rather than an alert() box |
| 58 | 61 | ||
| 59 | SMALL THINGS |
62 | SMALL THINGS |
| - | 63 | - Add show_waiting_anim() and hide_waiting_anim() to all AJAX queries, like it is done in plugin "Software update" |
|
| 60 | - #gotobutton should have the same top and height as #gotoedit |
64 | - #gotobutton should have the same top and height as #gotoedit |
| 61 | - Should plugins be able to change the "Content-Security-Policy" header (i.e. to include external JavaScripts frameworks) |
65 | - Should plugins be able to change the "Content-Security-Policy" header (i.e. to include external JavaScripts frameworks) |
| 62 | - RA address data: Country selection box like in OIDInfo |
66 | - RA address data: Country selection box like in OIDInfo |
| 63 | Possible data source: https://datahub.io/core/country-list#resource-data |
67 | Possible data source: https://datahub.io/core/country-list#resource-data |
| 64 | - offer signature checker tool to verify WHOIS responses |
68 | - offer signature checker tool to verify WHOIS responses |