ikiwiki/doc/news/sanitization.mdwn

9 lines
431 B
Plaintext
Raw Normal View History

ikiwiki's main outstanding security hole, lack of html sanitization, has
now been addressed. ikiwiki now sanitizes html by default, using the
[[plugins/htmlscrubber]] plugin.
2006-04-25 05:18:21 +02:00
If only trusted parties can edit your wiki's content, then you might want
to turn this sanitization back off to allow use of potentially dangerous
tags. To do so, pass --disable-plugin=sanitize or edit the plugins
configuration in your [[ikiwiki.setup]].