Below are the subjects that we propose as part of this semester of code. The contribution subjects can be changed depending on the contributor affinities.

Project #1 : WYSIWYG Editor improvements

XWiki relies on CKEditor to edit rich content. While this editor has already been modified in order to integrate with XWiki, there are different improvements that could be looked into in order to improve the integration. Below are a couple of examples :

• Integrate "Slash actions" : when using the WYSIWYG editor, users can
• Add support for real-time editing everywhere. Since XWiki 13.9 (released in November 2021), we released real-time editing in wiki pages as an experimental feature, only working in a particular page edit mode. The goal here would be to improve this feature so that real-time editing can be enabled by default in XWiki when editing pages.
• Integrate the possibility to propose macros in the WYSIWYG editor "in context"

For this project, it is required to have some knowledge of Javascript and front-end technologies in general. Some knowledge of Java and object-oriented programming may also be needed when working on real-time editing, as it involves modifying the backend.

Project #2 : Signed scripts

XWiki comes with the possibility to write scripts in pages, which are evaluated every time a page is loaded. This is a very powerful feature of XWiki as it allows quick customization of pages, in order to make them dynamic.

Even though the execution of scripts is sandboxed, we are currently lacking some tools to properly authenticate from whe

Signed scripts should be the cure to security issues and limitations currently encountered when some piece of code should be executed with unrestricted access (aka Programming Rights or PR). The general idea is to sign any scripts, that require PR, to securely associate them with the privileged user that have written them.

You can find more details on this project on its design page : Signed Scripts

For this project, good knowledge of cryptography principles and public key infrastructures will be required.

Project #3 : MFA and new authentication integrations

Currently, in order to integrate XWiki with an external authentication mechanism (LDAP, OpenID, CAS, SAML, …), we use an authentication API that extensions can implement to hook to external mechanisms. However, this API does not provide ways to define authentication schemes, which would allow chaining different challenges from different authentication providers in order to perform a complete user authentication.

This project would come in two parts :

• One part about proposing improvements on the current authentication extension
• Another part on providing a first implementation of such API

Project #4 : New wiki interface

We are currently looking into building a new interface for XWiki, with an independent, flexible web UI. As part of this project, you will participate to the design of the interface, and to its modular implementation.