User:Silly rabbit/Sandbox/Printfooter problem

From Wikipedia, the free encyclopedia

This is ordinary text which shows up in any version of the page.

And this is text which fails to show up in any screen version of the page.


And this is text which fails to show up in any screen version of the page.


I have recently discovered a potential vulnerability in the printfooter CSS class http://meta.wikimedia.org/style/wikiprintable.css. The problem is that this allows malicious editors to insert arbitrary text into an article, which will not show up in any screen version of the page (including the &printable=yes print-preview) at least for CSS-enabled browsers. The hidden text only becomes visible when the article is actually printed. For example:

  
   This is ordinary text, visible on all screen versions of the page.
   <div class="printfooter">This is libelous text, visible only in printed versions.</div>
  

displays as

  This is ordinary text, visible on all screen versions of the page.
This is libelous text, visible only in printed versions.

and also displays this way in most browsers in &printable=yes preview mode. It might be possible for "sleeper" editors to insert objectionable material into an article which would only be caught much later (likely after printing), if at all.