diff options
author | Joey Hess <joey@kodama.kitenet.net> | 2008-07-21 11:33:43 -0400 |
---|---|---|
committer | Joey Hess <joey@kodama.kitenet.net> | 2008-07-21 11:34:49 -0400 |
commit | d5e65e582a34ae2494fee493ddcb2b959e4a4bce (patch) | |
tree | 14bf1f7a604406ecb98523eda42c2e864321e1d0 /doc/plugins/htmlscrubber.mdwn | |
parent | d13200f92b74aa3d4e315809c78f1c2ec6c925a7 (diff) | |
parent | e3a84952715cdd625258e1695cb74898006c31f3 (diff) |
Merge commit 'smcv/prefix'
Conflicts:
doc/news/version_2.49.mdwn
Also fixed the newest news file (and my wikiannounce script).
Diffstat (limited to 'doc/plugins/htmlscrubber.mdwn')
-rw-r--r-- | doc/plugins/htmlscrubber.mdwn | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/doc/plugins/htmlscrubber.mdwn b/doc/plugins/htmlscrubber.mdwn index b32c264df..b651ffc99 100644 --- a/doc/plugins/htmlscrubber.mdwn +++ b/doc/plugins/htmlscrubber.mdwn @@ -1,5 +1,5 @@ -[[template id=plugin name=htmlscrubber core=1 author="[[Joey]]"]] -[[tag type/html]] +[[!template id=plugin name=htmlscrubber core=1 author="[[Joey]]"]] +[[!tag type/html]] This plugin is enabled by default. It sanitizes the html on pages it renders to avoid XSS attacks and the like. @@ -13,7 +13,7 @@ All attributes that can be used to specify an url are checked to make sure that the url is in a known, safe scheme, and to block embedded javascript in such urls. -It uses the [[cpan HTML::Scrubber]] perl module to perform its html +It uses the [[!cpan HTML::Scrubber]] perl module to perform its html sanitisation, and this perl module also deals with various entity encoding tricks. |