Question

Site admins use a skin chain such as myportal,pattern to selectively augment the pattern skin.

Users can use ?skin=x,y,z to override this.

Is there presently a way for the administrator to prevent the override?

Thanks, M.

Environment

-- MartinCleaver - 26 Oct 2007

Answer

If you answer a question - or have a question you asked answered by someone - please remember to edit the page and set the status to answered. The status is in a drop-down list below the edit box.

I wonder if FINALPREFERENCES should (or does?) do this?

-- SvenDowideit - 27 Oct 2007

The FINALPREFERENCES setting in Main.TWikiPreferences prevents settings at a lower level. However, the ?skin=foo URL parameter overrides preferences settings, e.g. it is not possible to disable URL parameters.

-- PeterThoeny - 27 Oct 2007

You can do this at the webserver level, i.e. for apache with mod_rewrite, use a RewriteRule:

RewriteRule ^(.*?)[\;\&\?]?skin\=\w+(.*?)$ $1$2 [QSA]

This is untested and you need an entire mod_rewrite section to hold this line - this is just to demonstrate the concept of cutting the parameter before it reaches TWiki.

I can understand why you are trying to achieve this, but I think it is somewhat against the "spirit of TWiki" - better to give the users the ability to explore imho

-- SteffenPoulsen - 27 Oct 2007

Thanks Sven, Peter, Steffen.

I'll ask my client whether they want a feature added to do this.

Cheers, M.

-- MartinCleaver - 28 Oct 2007