Commit Graph

39 Commits (017f06dd49fc59c1c0b8c13c7d17722297c97200)

Author SHA1 Message Date
Joey Hess 9b9ecda62f htmlscrubber: Do not scrub url anchors that contain colons. 2010-08-19 13:59:31 -04:00
Joey Hess ccafb10007 enable hidden attribute 2010-05-01 19:59:16 -04:00
Joey Hess 790a339db1 htmlscrubber: Also allow some other html5 tags: canvas, progress, meter, ruby, rt, rp, details, summary. 2010-05-01 19:28:28 -04:00
Joey Hess f1e2d0af12 more html5 attributes 2010-05-01 19:11:03 -04:00
Joey Hess 78cee5140a add rest of html5 form attributes
It's easy to imagine pattern being used to freeze or crash browsers, if
they implement it stupidly. Let's hope not..
2010-05-01 18:44:37 -04:00
Joey Hess 80f9a2a087 add figure and figcaption 2010-05-01 18:31:33 -04:00
Joey Hess 0a139aba82 htmlscrubber: Allow the html5 form attributes: placeholder autofocus, min, max, step. 2010-05-01 18:27:53 -04:00
Joey Hess 442bc59a15 htmlscrubber: Allow the placeholder attribute. 2010-05-01 18:14:50 -04:00
Joey Hess 73c8209484 more html5
* htmlscrubber: Also allow html5 canvas tags.
* htmlscrubber: Round out html5 video support with the preload
  attribute and the source tag.
2010-05-01 17:56:35 -04:00
Joey Hess 80f2042464 htmlscrubber: Allow html5 semantic tags: section nav article aside hgroup header footer time mark 2010-05-01 16:34:47 -04:00
Joey Hess 104919ee07 htmlscrubber: Allow colons in url fragments after '?'
Colons are not allowed at the start of urls, because it can be interpreted
as a protocol, and allowing arbitrary protocols can be unsafe
(CVE-2008-0809). However, this check was too restrictive, not allowing
use of eg, "video.ogv?t=0:03:00/0:04:00" to seek to a given place in a
video, or "somecgi?foo=bar:baz" to pass parameters with colons.

It's still not allowed to have a filename with a colon in it (ie
"foo:bar.png") -- to link to such a file, a fully qualified url must be
used.
2010-04-02 16:05:14 -04:00
Joey Hess 2ad3e60ee8 htmlscrubber: Security fix: In data:image/* uris, only allow a few whitelisted image types. No svg. 2010-03-12 14:50:26 -05:00
Joey Hess a63929f6cc Group related plugins into sections in the setup file, and drop unused rcs plugins from the setup file. 2010-02-11 22:24:15 -05:00
Joey Hess 678d467a40 finalise version 3.00 of the plugin api 2008-12-23 16:34:19 -05:00
Joey Hess bb93fccf06 Coding style change: Remove explcit vim folding markers. 2008-12-17 15:22:16 -05:00
Joey Hess 89256ab870 htmlscrubber: Add a config setting that can be used to disable the scrubber acting on a set of pages. 2008-09-26 18:07:37 -04:00
Joey Hess 903213e63f add plugin safe/rebuild info (part 1 of 2)
too many plugins.. brain exploding..
2008-08-03 16:40:12 -04:00
Adeodato Simó be0b4f603f Allow colons in URLs after the first slash
A new regexp fixes this bug:
http://ikiwiki.info/bugs/No_link_for_blog_items_when_filename_contains_a_colon/

I traced this down to htmlscrubber. If disabled,
it works. If enabled, then $safe_url_regexp
determines the URL unsafe because of the colon and
hence removes the src attribute.

Digging into this, I find that RFC 3986 pretty
much discourages colons in filenames:

"""
A path segment that contains a colon character
(e.g., "this:that") cannot be used as the first
segment of a relative-path reference, as it would
be mistaken for a scheme name. Such a segment must
be preceded by a dot-segment (e.g., "./this:that")
to make a relative- path reference.
"""

on the other hand, with usedirs, any link to
another page will be prepended by ../ anyway, so
that makes them okay again.

The solution still seems not to use colons.

In any case, htmlscrubber should get a new regexp,
courtesy of dato.

I have tested and verified this.

Signed-off-by: martin f. krafft <madduck@madduck.net>
2008-02-29 19:29:44 +01:00
Joey Hess c6fc554c54 use quotemeta when building the regexp 2008-02-10 19:02:12 -05:00
Josh Triplett 728dfd9595 Allow the smb: URI scheme. 2008-02-10 15:08:56 -08:00
Josh Triplett 502cd00ec7 Allow the snews: URI scheme. 2008-02-10 15:05:11 -08:00
Josh Triplett ec9d3ab549 Do not allow the steam: URI scheme. 2008-02-10 14:59:08 -08:00
Josh Triplett 3cda22a27f Match literal '.' in URI schemas containing '.', rather than matching any character 2008-02-10 14:50:30 -08:00
Joey Hess 4bfdbd4858 export $safe_url_regexp 2008-02-10 17:07:21 -05:00
Josh Triplett d20e24b636 Also filter the attributes cite, longdesc, and usemap, which can contain URIs 2008-02-10 13:59:37 -08:00
Joey Hess 2078f706d6 add parens around scheme regexp 2008-02-10 16:29:46 -05:00
Josh Triplett a7be7bdf56 Do not allow the about: URI scheme
Some browsers interpret about: URIs like a limited version of data:
URIs.  In particular, some versions of Internet Explorer interpret
arbitrary HTML content in about: URIs.
2008-02-10 13:23:28 -08:00
Joey Hess dfd6bb3854 fix data:image handling 2008-02-10 15:24:03 -05:00
Joey Hess d7e0c035e5 * htmlscrubber security fix: Block javascript in uris.
* Add htmlscrubber test suite.
2008-02-10 13:16:40 -05:00
Joey Hess 4c1a4402f9 * htmlscrubber: Further work around #365971 by adding tags for 'br/', 'hr/'
and 'p/'.
2008-01-07 18:32:50 -05:00
Joey Hess e016a975c4 * Allow html5 video and audio tags and their attributes in the htmlscrubber. 2007-11-18 13:34:06 -05:00
joey 03dc63588c on second thought, simple alphanumeric styles are not actually useful (class is already supported), and anything more complex is too hard to do, so revert 2007-07-11 17:57:02 +00:00
joey a8fa52080d * Allow simple alphanumeric style attribute values in the htmlscrubber. This
should be safe from javascript attacks.
2007-07-11 16:50:59 +00:00
joey ee1ad53c4c * pagespec_match() has changed to take named parameters, to better allow
for extended pagespecs. The old calling convention will still work for
  back-compat for now.
* The calling convention for functions in the IkiWiki::PageSpec namespace
  has changed so they are passed named parameters.
* Plugin interface version increased to 2.00 since I don't anticipate any
  more interface changes before 2.0.
2007-04-27 02:55:52 +00:00
joey 35ee7e44a6 * Make sure to check for errors from every eval. 2006-11-08 21:03:33 +00:00
joey dae0f48e91 * Work on firming up the plugin interface:
- Plugins should not need to load IkiWiki::Render to get commonly
    used functions, so moved some functions from there to IkiWiki.
  - Picked out the set of functions and variables that most plugins
    use, documented them, and made IkiWiki export them by default,
    like a proper perl module should.
  - Use the other functions at your own risk.
  - This is not quite complete, I still have to decide whether to
    export some other things.
* Changed all plugins included in ikiwiki to not use "IkiWiki::" when
  referring to stuff now exported by the IkiWiki module.
* Anyone with a third-party ikiwiki plugin is strongly enrouraged
  to make like changes to it and avoid use of non-exported symboles from
  "IkiWiki::".
* Link debian/changelog and debian/news to NEWS and CHANGELOG.
* Support hyperestradier version 1.4.2, which adds a new required phraseform
  setting.
2006-09-09 22:50:27 +00:00
joey 4895955cea * Change htmlize, format, and sanitize hooks to use named parameters. 2006-08-28 18:17:59 +00:00
joey 7f64dd4f66 * Tell HTML::Scrubber to treat "/" as a valid attribute which is its
very strange way of enabling proper XHTML <br /> type tags. Output html
  should be always valid again now.
2006-05-25 22:03:22 +00:00
joey 6652de5e1a * Removed --sanitize and --no-sanitize, replaced with --plugin htmlscrubber
and --disable-plugin htmlscrubber.
2006-05-05 05:41:11 +00:00