summaryrefslogtreecommitdiff
path: root/doc/ikiwiki/directive
diff options
context:
space:
mode:
authorJoey Hess <joey@kitenet.net>2011-03-28 12:21:12 -0400
committerJoey Hess <joey@kitenet.net>2011-03-28 12:21:12 -0400
commitbe02a80b7a19f3c33a8ea42c0750d94e0a91206f (patch)
tree1ffc2ec9905bf2662c9766d95e96430959ef2d2d /doc/ikiwiki/directive
parenta0e31f38d55f659ed9ef07ce16482308807435f8 (diff)
meta: Security fix; don't allow alternative stylesheets to be added on pages where the htmlscrubber is enabled.
Diffstat (limited to 'doc/ikiwiki/directive')
-rw-r--r--doc/ikiwiki/directive/meta.mdwn4
1 files changed, 4 insertions, 0 deletions
diff --git a/doc/ikiwiki/directive/meta.mdwn b/doc/ikiwiki/directive/meta.mdwn
index d66e26fc4..50aaf66be 100644
--- a/doc/ikiwiki/directive/meta.mdwn
+++ b/doc/ikiwiki/directive/meta.mdwn
@@ -77,6 +77,10 @@ Supported fields:
\[[!meta stylesheet=somestyle rel="alternate stylesheet"
title="somestyle"]]
+
+ However, this will be scrubbed away if the
+ [[!iki plugins/htmlscrubber desc=htmlscrubber]] plugin is enabled,
+ since it can be used to insert unsafe content.
* openid