diff options
author | joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> | 2007-03-21 19:16:39 +0000 |
---|---|---|
committer | joey <joey@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> | 2007-03-21 19:16:39 +0000 |
commit | 12d947a02f2feacc6524851a40751767f04bb48d (patch) | |
tree | c3609f1edc307b1de05e49cb34b89db9b4794924 /doc/news/version_1.47.mdwn | |
parent | 1ecd251ffa28f851273654599f2d05c4bd552e16 (diff) |
add news item for ikiwiki 1.47
Diffstat (limited to 'doc/news/version_1.47.mdwn')
-rw-r--r-- | doc/news/version_1.47.mdwn | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/doc/news/version_1.47.mdwn b/doc/news/version_1.47.mdwn new file mode 100644 index 000000000..2c9300454 --- /dev/null +++ b/doc/news/version_1.47.mdwn @@ -0,0 +1,17 @@ +News for ikiwiki 1.47: + + Due to a security fix, wikis that have the htmlscrubber enabled can no + longer use the meta plugin to insert html link and meta tags. + Some special case methods have been added for safely including stylesheets, + and for doing openid delegation. See the meta plugin docs for details. + +ikiwiki 1.47 released with [[toggle text="these changes"]] +[[toggleable text=""" + * Fix a security hole that allowed insertion of unsafe content via the meta + plugins's support for inserting html link and meta tags. Now such content + is passed through the htmlscrubber like everything else. + * Unfortunatly, that means that some valid uses of those tags are no longer + usable, and special case methods needed to be added for including + stylesheets, and for doing openid delegation. If you use either of these + in your wiki, it will need to be modified. See the meta plugin docs + for details."""]]
\ No newline at end of file |