htmlscrubber: Also allow some other html5 tags: canvas, progress, meter, ruby, rt, rp, details, summary.

IkiWiki/Plugin/htmlscrubber.pm

@@ -85,7 +85,7 @@ sub scrubber {
 
 			video audio source section nav article aside hgroup
 			header footer figure figcaption time mark canvas
-			datalist
+			datalist progress meter ruby rt rp details summary
 		}],
 		default => [undef, { (
 			map { $_ => 1 } qw{
@@ -104,10 +104,10 @@ sub scrubber {
 
 				autofocus autoplay preload loopstart
 				loopend end playcount controls pubdate
-				placeholder min max step form required
+				placeholder min max step low high optimum
-				autocomplete novalidate pattern list
+				form required autocomplete novalidate pattern
-				formenctype formmethod formnovalidate
+				list formenctype formmethod formnovalidate
-				formtarget reversed
+				formtarget reversed spellcheck open
 			} ),
 			"/" => 1, # emit proper <hr /> XHTML
 			href => $safe_url_regexp,

debian/changelog

@@ -7,7 +7,8 @@ ikiwiki (3.20100428) UNRELEASED; urgency=low
     did not support building urls from utf-8 strings. Closes: #579713
   * htmlscrubber: Allow html5 semantic tags: section nav article aside hgroup
     header footer figure figcaption time mark
-  * htmlscrubber: Also allow html5 canvas tags.
+  * htmlscrubber: Also allow some other html5 tags: canvas, progress, meter,
+    ruby, rt, rp, details, summary.
   * htmlscrubber: Round out html5 video support with the preload
     attribute and the source tag.
   * htmlscrubber: Allow the html5 form attributes: placeholder autofocus,

doc/bugs/html5_support.mdwn

@@ -68,23 +68,29 @@ HTML5](http://www.w3.org/TR/html5-diff/).
 > * Use nav for the actionbar
 > * Use placeholder in the search box. Allows closing
 >   [[this_todo|Add_label_to_search_form_input_field]]
+> * Use details tag instead of the javascript in the toggle plugin. 
+>   (Need to wait on browser support probably.)
 > --[[Joey]] 
 
 # htmlscrubber.pm needs to not scrub new HTML5 elements
 
 * [new elements](http://www.w3.org/TR/html5-diff/#new-elements)
 
-> Most of these can be supported trivially, since they are just semantic
+> Many added now.
-> markup. Make a list of these, and their attributes (and which attributes
+>
-> can contain urls or other javascript injection mechanisms), and I can add
+> Things I left out, too hard to understand today:
-> them. (Added several now.) Others, like `embed` are *scary*. --[[Joey]]
+> Attributes contenteditabl, contextmenu,
-
+> data-*, draggable, hidden, role, aria-*. Tags command, keygen,
+> output.
+> 
+> Clearly unsafe: embed.
+> 
+> Apparently cannot be used w/o javascript: menu.
+> 
 > I have not added the new `ping` attribute, because parsing a
 > space-separeated list of urls to avoid javascript injection is annoying, 
 > and the attribute seems generally dubious.
-> 
+>  --[[Joey]] 
-> Need to understand better the attributes contenteditabl, contextmenu,
-> data-*, draggable, hidden, role, aria-*. Have not added those. --[[Joey]] 
 
 # HTML5 Validation and t/html.t