User:Silly rabbit/Sandbox/Printfooter problem
From Wikipedia, the free encyclopedia
This is ordinary text which shows up in any version of the page.
I have recently discovered a potential vulnerability in the printfooter CSS class http://meta.wikimedia.org/style/wikiprintable.css. The problem is that this allows malicious editors to insert arbitrary text into an article, which will not show up in any screen version of the page (including the &printable=yes print-preview) at least for CSS-enabled browsers. The hidden text only becomes visible when the article is actually printed. For example:
This is ordinary text, visible on all screen versions of the page.
<div class="printfooter">This is libelous text, visible only in printed versions.</div>
displays as
This is ordinary text, visible on all screen versions of the page.
and also displays this way in most browsers in &printable=yes preview mode. It might be possible for "sleeper" editors to insert objectionable material into an article which would only be caught much later (likely after printing), if at all.