Commit Graph

15 Commits (f6c71fa95bb8e2105b894a9040f8ce917bad0564)

Author SHA1 Message Date
Joey Hess e5f97777ad update 2008-02-10 17:27:59 -05:00
Joey Hess d7e0c035e5 * htmlscrubber security fix: Block javascript in uris.
* Add htmlscrubber test suite.
2008-02-10 13:16:40 -05:00
joey 03dc63588c on second thought, simple alphanumeric styles are not actually useful (class is already supported), and anything more complex is too hard to do, so revert 2007-07-11 17:57:02 +00:00
joey a8fa52080d * Allow simple alphanumeric style attribute values in the htmlscrubber. This
should be safe from javascript attacks.
2007-07-11 16:50:59 +00:00
joey 0041e93808 web commit by JoshTriplett: Add another example, and add a description to each test. 2007-05-08 20:55:43 +00:00
joey 068fa7d079 broken link 2007-04-06 17:34:35 +00:00
joshtriplett b24394c0ec Note that enabling or disabling the htmlscrubber plugin also affects some other
HTML-related functionality, such as whether [[meta]] allows potentially unsafe
HTML tags.
2007-03-26 21:39:18 +00:00
joey 96125d8da5 * Allow multiple tag settings to appear in a single page. 2007-02-14 04:05:08 +00:00
joey 19c58ac7c1 simplified plugin definitions 2007-02-13 18:51:21 +00:00
joey eac31eff5c shortcut stuff 2006-11-20 11:31:23 +00:00
joey 8f8959c96e no longer need triple quotes 2006-08-23 20:27:18 +00:00
joey 9d7375c3b2 * Allow preprocessor directives to contain python-like triple-quoted
text blocks, for easy nesting of quotes inside.
* Add a template plugin.
* Use the template plugin to add infoboxes to each plugin page listing basic
  info about the plugin.
2006-08-23 05:41:07 +00:00
joey becacc5566 updats 2006-07-29 22:25:40 +00:00
joey 7f1313c052 * Tag plugins according to type. 2006-07-29 22:15:45 +00:00
joey 6652de5e1a * Removed --sanitize and --no-sanitize, replaced with --plugin htmlscrubber
and --disable-plugin htmlscrubber.
2006-05-05 05:41:11 +00:00