Preview doesn't work when editing HTML file

[zexxar]

Hi,

I think there is a bug with the preview when editing HTML files. Because when you click on the preview it shows nothing.

Thank you.

[takezoe]

Actually, this is not a bug. Preview rendering is available for Markdown and other formats supported by installed plugins. It doesn't work for HTML.

I think HTML preview shouldn't be supported without restriction because it can cause cross-site scripting if HTML contains JavaScript.

[aadrian]

Actually, this is not a bug. Preview rendering is available for Markdown and other formats supported by installed plugins. It doesn't work for HTML.

The pages-plugin plug-in is allowed to render HTML.

Without the HTML preview, the users will do allot of small commits, and changes, since they can't see what they're really doing.

I think HTML preview shouldn't be supported without restriction because it can cause cross-site scripting if HTML contains JavaScript.

IMHO just like in the case of the 'pages-plugin', a subdomain (+ iframe) and the section https://github.com/gitbucket/gitbucket-pages-plugin#security-panic-mode would simply do it.

[takezoe]

The pages-plugin plug-in is allowed to render HTML.

Yes. Though GitBucket itself doesn't support HTML rendering due to prevent cross-site scripting, users can use pages-plugin if they need to host HTML on GitBucket. It's can be disabled, so users can use it at their own risk.

[takezoe]

I close this issue since this is designed behaviour.