Rev 530 | Rev 533 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 530 | Rev 532 | ||
---|---|---|---|
Line 1... | Line 1... | ||
1 | 1 | ||
2 | RECENT STUFF |
2 | RECENT STUFF |
3 | - At a lot of forms, if you press "enter", the "form" will not be submitted (e.g. "create ra" plugin), cannot reproduce? |
3 | - At a lot of forms, if you press "enter", the "form" will not be submitted (e.g. "create ra" plugin), cannot reproduce? |
4 | - Create a possibility to invoke cronjobs (VTS registration / automatic publishing) via crontab? |
4 | - Create a possibility to invoke cronjobs (VTS registration / automatic publishing) via crontab? |
5 | - Default language selection: Either always en-US, or automatical selection depending on browser language, or depending on admin setting (e.g. german companies offer a german repository by default)? |
5 | - Default language selection: Either always en-US, or automatical selection depending on browser language, or depending on admin setting (e.g. german companies offer a german repository by default)? |
6 | - Make attachment upload path configurable |
6 | - Re-implement "file completeness check", or better make it check all files with checksums |
7 | 7 | ||
8 | RFC |
8 | SECURITY Improvements: |
- | 9 | - Make attachment upload path configurable |
|
- | 10 | - Small security issue: A visitor can check which plugins are installed by either entering a "goto" command (e.g. "oidplus:vnag_version_check") |
|
- | 11 | and see which error message appears, or they could try to enter "plugin/adminPages/..." using the web browser and see if the result is HTTP 200 or HTTP 404. |
|
9 | - RFC draft was sent to IETF on November 3rd, 2020. Waiting for reply. |
12 | - Secure plugin adminPages/901_vnag_version_check with an optional encryption passwort |
10 | 13 | ||
11 | IDEAS FOR NEW FUNCTIONALITIES |
14 | IDEAS FOR NEW FUNCTIONALITIES |
12 | - Admin plugin "Attachments" with following functionalities: |
15 | - Admin plugin "Attachments" with following functionalities: |
13 | * Show every object and its attachments, so that the admin knows what's going on |
16 | * Show every object and its attachments, so that the admin knows what's going on |
14 | (Alternatively they can just look in the userdata directory using FTP) |
17 | (Alternatively they can just look in the userdata directory using FTP) |
Line 55... | Line 58... | ||
55 | - XML import: Let the user decide if "created=now" should be set |
58 | - XML import: Let the user decide if "created=now" should be set |
56 | - XML import: Waiting animation |
59 | - XML import: Waiting animation |
57 | - XML import: If output (errors) is too long, show them in a page rather than an alert() box |
60 | - XML import: If output (errors) is too long, show them in a page rather than an alert() box |
58 | 61 | ||
59 | SMALL THINGS |
62 | SMALL THINGS |
- | 63 | - Add show_waiting_anim() and hide_waiting_anim() to all AJAX queries, like it is done in plugin "Software update" |
|
60 | - #gotobutton should have the same top and height as #gotoedit |
64 | - #gotobutton should have the same top and height as #gotoedit |
61 | - Should plugins be able to change the "Content-Security-Policy" header (i.e. to include external JavaScripts frameworks) |
65 | - Should plugins be able to change the "Content-Security-Policy" header (i.e. to include external JavaScripts frameworks) |
62 | - RA address data: Country selection box like in OIDInfo |
66 | - RA address data: Country selection box like in OIDInfo |
63 | Possible data source: https://datahub.io/core/country-list#resource-data |
67 | Possible data source: https://datahub.io/core/country-list#resource-data |
64 | - offer signature checker tool to verify WHOIS responses |
68 | - offer signature checker tool to verify WHOIS responses |