* Allow simple alphanumeric style attribute values in the htmlscrubber. This

should be safe from javascript attacks.
author: joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> 2007-07-11 16:50:59 +0000
committer: joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> 2007-07-11 16:50:59 +0000
commit: a8fa52080d8ba1df29543df5c6180b620cae59f6 (patch)
tree: b2ec8831da7c39c6ce256b16602274f895e91e87 /debian/changelog
parent: 68ae662e6fdca019adffbc59ca27418eb39de8da (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/debian/changelog b/debian/changelog
index 7c1625a41..e1bcc3185 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -7,8 +7,10 @@ ikiwiki (2.4) UNRELEASED; urgency=low
   * Support building on systems that lack asprintf.
   * mercurial getctime is currently broken, apparently by some change in
     mercurial version 0.9.4. Turn the failing test case into a TODO test case.
+  * Allow simple alphanumeric style attribute values in the htmlscrubber. This
+    should be safe from javascript attacks.
 
- -- Joey Hess <joeyh@debian.org>  Sun, 08 Jul 2007 20:25:00 -0400
+ -- Joey Hess <joeyh@debian.org>  Wed, 11 Jul 2007 12:23:41 -0400
 
 ikiwiki (2.3) unstable; urgency=low
author	joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071>	2007-07-11 16:50:59 +0000
committer	joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071>	2007-07-11 16:50:59 +0000
commit	a8fa52080d8ba1df29543df5c6180b620cae59f6 (patch)
tree	b2ec8831da7c39c6ce256b16602274f895e91e87 /debian/changelog
parent	68ae662e6fdca019adffbc59ca27418eb39de8da (diff)