Author: eisenstein
Description:
It would be enormously helpful to have the EditFilter hook called when rendering a preview. It should not be possible to preview a page with content that will be rejected on save. This can help prevent remote exploits. Additionally, several page security extensions are vulnerable to someone inserting a transclusion to a protected page -- this can be prevented using an EditFilter hook, but it seems no such hook is available for previewing. This would take care of that with a simple change.
Version: 1.13.x
Severity: normal