The Display File Plugin displays the content of a specified file on the local system using a displayfile element
Compatible with DokuWiki
The Display File Plugin displays the content of a specified file on the local system using a displayfile element
Search and install the plugin using the Extension Manager or install directly using the latest download url, otherwise refer to Plugins on how to install plugins manually.
The plugin offers a single block element that expands into the content of the specified file. The element is self-closing and should not be used as an open/close pair.
| Element | Note |
|---|---|
<<display file LANG TARGET>> | |
<displayfile LANG TARGET /> | DEPRECATED |
| Argument | Required | Description |
|---|---|---|
LANG | yes | The language of the content file. This is used by DokuWiki's built-in syntax highlighting GeSHi library. To disable syntax highlighting, specify a dask (-) character for the LANG value. The supported LANG values are the same as those provided by DokuWiki's <code> and <file> markup and can be found on the DokuWiki syntax page: Syntax Highlighting |
TARGET | yes | The specific part of a file path to the desired file on the local file system. This will be appended to the value of the plugin's root_path configuration option. The TARGET value can be enclosed in single or double quotes (' or "). The TARGET path part must be enclosed in quotes if it contains spaces. |
The plugin provides several settings that can be modified through the Configuration Manager.
| Setting | Default | Description |
|---|---|---|
root_path | empty | Specifies the root directory displayed file paths will evaluate relative to. An empty value effectively disables the plugin. |
deny_extensions | 'sh' | Space-separated list of extensions that should be disallowed by the displayfile element. The deny list supersedes the allow list. An empty list means no extension is explicitly disallowed. |
allow_extensions | 'txt php js css' | Space-separated list of extensions that should be allowed by the displayfile element. An empty list means any extension not in the deny list will be allowed. |
root_path with deny_root_paths and allow_root_paths.Some level of threat is inherent in the very purpose of this plugin, displaying the contents of files from the local file system. To avoid path traversal attacks, the admin is provided with a configuration option for specifying the root directory path where displayable files are located. Validation is done to ensure that no files outside that root path are displayed and, further more, user-facing error messages have been generalized to remove the chance of ambient data probing. In addition, both allow and deny list configuration options exist to further control what files are and aren't displayable. Any security concerns or suggestions are welcome and should be raised on the Issue Tracker.
Bugs should be reported through the Issue Tracker.
Discussion should be kept on the Plugin's Discussion Page.