Reported by Wolfgang Spraul, Aug 4, 2010
If a html file is checked into revision control, there seem to be two URLs to access it: /project/source/tree/... /project/file/tree/... The first one will pretty-print the HTML, the second one will prompt the browser to download the file. Is it possible to offer a third way so that the browser would treat the HTML file directly as it is? This could help committing HTML files with relative links to other files that are committed.
Comment 1 by Loïc d'Anterroches, Aug 18, 2010
For security reasons, this is not possible. If someone can commit a "bad" html file in one project, he can trick the admin of another project to visit the "bad" html file and with scripts perform operations in the name of the other admin.
Sign in to reply to this comment.