[Owasp-leaders] [OWASP-wiki-editors] OWASP Wiki update- awesome editing features

Bev Corwin bev.corwin at owasp.org
Tue Mar 14 02:39:49 UTC 2017

Awesome news! Thanks Matt and Johanna!

Best wishes,

On Mon, Mar 13, 2017 at 9:46 PM, Matt Tesauro <matt.tesauro at owasp.org>

> Johanna,
> Thanks for announcing the the wiki update on the leaders list - I've been
> so busy doing other things today I didn't get chance to let people know the
> wiki was updated this weekend - a bit ahead of schedule per the the March
> Ops Blog
> <https://owasp.blogspot.com/2017/03/owasp-operations-update-for-march-2017.html>'s
> estimated date of March 20th.  I had a email with the subject "Death to
> MediaWiki syntax! Long live MediaWiki syntax!" in my head but this works
> too. ; )
> This is most of Activity 1 of the Website Reboot completed.  There's a few
> items to finish - those are below.
> A couple of things to note about the updated MediaWiki software and new
> editor (called Visual Editor by MediaWiki)
>    - You have two choices now when editing wiki pages - the WYSIWYG [1]
>    Visual Editor and a new/improved source editor
>    - There have been a few rare occasions where the Visual Editor messed
>    up pages with HeaderTabs (those in page tabs like this page
>    <https://www.owasp.org/index.php/Board>).  MediaWiki has updated
>    Parsoid (the thing that powers the editor) and it looks like that's been
>    fixed.
>    - Parsoid is the back-end service that takes the Visual Editor output
>    and turns it into a wiki page.  By default it runs over HTTP but I've setup
>    ours to use HTTPS - cause that's just the right thing to do. : )
>    - Things left to do
>       - The wiki is still hosted at Rackspace which ended their hosting
>       donation recently.   As soon as the refactoring of the Ansible deploy code
>       is done, we'll be moving elsewhere.
>       - There were breaking changes between 1.25.x (previous) and 1.27.x
>       (current) and the group of MediaWiki extensions we were using have been
>       updated to work with 1.27.x. There's a few more new extensions that were
>       only coded for the new release that we'll be adding shortly like recaptcha
>       for account requests.
>       - MediaWiki changed how sessions and caching works for 1.27.x.  We
>       have a working setup but its not optimal for several reasons.  I'm
>       researching options to improve performance of the wiki's sessions and
>       caching which will allow us to have multiple-web heads without load
>       balancing users in a sticky fashion (aka same IP always gets the same web
>       node).  This is a big change to how MediaWiki worked since we started using
>       it so I'm going to experiment first before we make production changes.  The
>       end result should be a much more fault tolerant installation in our new
>       hosting provider.
>       - The wiki is using a Let's Encrypt SSL certificate and get's an A
>       on SSL Labs.  There has been system hardening done but this is not the
>       final, fully-hardened install.  If you have suggested changes, please
>       submit a case to "IT Support" using the "Contact Us
>       <https://www.tfaforms.com/308703>" form so the don't get lost
>       between when you make them and the migration to a new hosting provider.
> I'm going to push some things to Github and start tracking the progress on
> the Website Reboot there - look for another announcement soon when that's
> in place.
> Cheers!
> [1] https://en.wikipedia.org/wiki/WYSIWYG
> --
> -- Matt Tesauro
> OWASP AppSec Pipeline Lead
> https://www.owasp.org/index.php/OWASP_AppSec_Pipeline
> OWASP WTE Project Lead
> *https://www.owasp.org/index.php/OWASP_Web_Testing_Environment_Project
> <https://www.owasp.org/index.php/OWASP_Web_Testing_Environment_Project>*
> http://AppSecLive.org <http://appseclive.org/> - Community and Download
> site
> On Mon, Mar 13, 2017 at 6:26 PM, johanna curiel curiel <
> johanna.curiel at owasp.org> wrote:
>> All
>> I was pleasantly surprise to find out that we have the latest wiki
>> version which is much easier to edit and adapt!
>> Johanna Curiel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170313/3f705e52/attachment.html>

More information about the OWASP-Leaders mailing list