diff options
author | joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> | 2007-03-21 18:52:56 +0000 |
---|---|---|
committer | joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> | 2007-03-21 18:52:56 +0000 |
commit | c8b4ba354f82fbbcebbbfca65b40a047f9920525 (patch) | |
tree | 6dd5bd85031e42da9a3c65d1c5c3f9bfacfdfcda /doc/security.mdwn | |
parent | 829d097dc52b6a8f50297406affc67fbc08dccb7 (diff) |
* Fix a security hole that allowed insertion of unsafe content via the meta
plugins's support for inserting html link and meta tags. Now such content
is passed through the htmlscrubber like everything else.
* Unfortunatly, that means that some valid uses of those tags are no longer
usable, and special case methods needed to be added for including
stylesheets, and for doing openid delegation. If you use either of these
in your wiki, it will need to be modified. See the meta plugin docs
for details.
Diffstat (limited to 'doc/security.mdwn')
-rw-r--r-- | doc/security.mdwn | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/doc/security.mdwn b/doc/security.mdwn index 9b561a13e..b1e8d03f6 100644 --- a/doc/security.mdwn +++ b/doc/security.mdwn @@ -304,3 +304,14 @@ This hole was discovered on 21 March 2007 and fixed the same day (er, hour) with the release of ikiwiki 1.46. A fix was also backported to Debian etch, as version 1.33.2. I recommend upgrading to one of these versions if your wiki allows web editing or aggregates feeds. + +## javascript insertion via meta tags + +It was possible to use the meta plugin's meta tags to insert arbitrary +url contents, which could be used to insert stylesheet information +containing javascript. This was fixed by sanitising meta tags. + +This hole was discovered on 21 March 2007 and fixed the same day +with the release of ikiwiki 1.47. A fix was also backported to Debian etch, +as version 1.33.3. I recommend upgrading to one of these versions if your +wiki can be edited by third parties. |