attachments = {...} (see HelpOnConfiguration/FileAttachments) - we would like to remove that setting because of several reasons:
- when not being extremely careful, this can easily lead to security problems (like when uploading a .php exploit and then executing it by accessing it directly via web server)
- makes code more complicated - code that we want to change completely in next version
If you need that feature, speak up NOW and tell us your reasons WHY you need it.
![/!\](/moin_static19/modernized/img/alert.png "/!\"){kind=small}
attachments direct serving is removed in moin 1.7. Please note that attachments will still work, but they are handled by moin, not directly by the web server.
Discussion
Well, in our intranet we want to share document templates (letters in corporate design, logo) as well as reports (usually pdf). How would I do this (without granting users access to the server machine itself and without running ftp/webdav/whatever) w/o attachments? Suggestions welcome.
- We are not removing attachments - you will be able to attach files just like you did before. The change is not serving the attachments with the web sever, but through moin, which is much more secure, but slower.