ikiwiki/doc/news/sanitization.mdwn

ikiwiki's main outstanding security hole, lack of html sanitization, has
now been addressed. ikiwiki now sanitizes html by default, using the
[[plugins/htmlscrubber]] plugin.

If only trusted parties can edit your wiki's content, then you might want
to turn this sanitization back off to allow use of potentially dangerous
tags. To do so, pass --disable-plugin=sanitize or edit the plugins
configuration in your [[ikiwiki.setup]].
* Removed --sanitize and --no-sanitize, replaced with --plugin htmlscrubber and --disable-plugin htmlscrubber. 2006-05-05 07:41:11 +02:00			`ikiwiki's main outstanding security hole, lack of html sanitization, has`
			`now been addressed. ikiwiki now sanitizes html by default, using the`
			`[[plugins/htmlscrubber]] plugin.`
implemented html sanitisation 2006-04-25 05:18:21 +02:00
			`If only trusted parties can edit your wiki's content, then you might want`
			`to turn this sanitization back off to allow use of potentially dangerous`
* Removed --sanitize and --no-sanitize, replaced with --plugin htmlscrubber and --disable-plugin htmlscrubber. 2006-05-05 07:41:11 +02:00			`tags. To do so, pass --disable-plugin=sanitize or edit the plugins`
			`configuration in your [[ikiwiki.setup]].`