GSoC/2016/StatusReports/FalitJain
Latest revision as of 04:02, 27 June 2023
Project Overview
Project Name: WikiToLearn Improved Editor
A Brief Description: The main purpose of this project is to make the WikiToLearn Editor feature-rich, easy to use and fast. The two main tasks are the inclusion of the Visual Editor extension (ensuring it works fully and keeping it up to date), as well as the inclusion of a LaTeX tool which will help in writing formulas, with auto-completion and highlighting.
Status:
- Completed:
- The inclusion of the LaTeX autocompletions and highlighting in the Visual Editor. Also, fixing the bugs in the current Visual Editor on the WikiToLearn site. In addition, I tried various XSS attacks on the editor (as WYSIWYG editors are known to have been vulnerable to XSS in the past).
- In progress:
- Documentation.
Screenshots:
- Earlier LaTeX Math Formula Insert Editor
- It had no autocompletions or snippets, nor did it include the words from history.
- LaTeX Autocompletions
- Local Autocompletions
- Case where words already typed can be autocompleted from a dynamically generated dropdown. E.g.: since log is already used in line 1, when typing the letter 'l' in the 3rd line, the word 'log' comes up as a suggestion for autocompletion in the dropdown.
XSS Attack Security Checks
- While trying to attack directly through the <a href> tag:
- While trying to attack through the style attribute:
- It resulted in showing an insecure input.
- Most of the XSS attacks I tested didn't bypass. Some minor testing still needs to be done on IE. However, a better framework such as CodeIgniter (https://github.com/bcit-ci/CodeIgniter) can be used.
Telegram Nick:
falitjain
Telegram Channels:
WikiToLearn Tech, WikiToLearn, WikiToLearn GSoC, KDE-Soc
Blog: https://falit94.blogspot.com/
GSOC as an experience
From the day it began till now, and for more time to come, I have learnt something new almost every day. As a student, I had to work on something that is used live by users (something which you cannot always experience while working for a corporate). What I found most exciting was the communication channel. Every time someone had a query of any type, it would be posted there, and everyone then came to discuss it, which was very educative and fun. My mentors Irene Cortinovis and Gianluca Rigolleti never hesitated to answer my queries at any time, and constantly helped with my tasks and planning. I am lucky to be a part of WikiToLearn :)
This is what I learned during GSoC:
- Docker and Vagrant
- MediaWiki Extension Development
- MediaWiki community
- KDE community
- Lots of JavaScript concepts
- Vim
Documents
https://www.mediawiki.org/wiki/Extension:LatexCompleter
Extension git repository
https://github.com/Falit/LatexCompleter
https://github.com/Falit/CodeEditor
Code Block Bug
https://phabricator.wikimedia.org/T138458
Code Editor Block
https://phabricator.wikimedia.org/T141021
Other Tasks Updated by me
https://phabricator.kde.org/T3260
https://phabricator.kde.org/T3268
https://phabricator.kde.org/T3065
https://phabricator.kde.org/T2968