diff options
author | Joey Hess <joey@kodama.kitenet.net> | 2008-11-05 14:58:35 -0500 |
---|---|---|
committer | Joey Hess <joey@kodama.kitenet.net> | 2008-11-05 14:58:35 -0500 |
commit | b609ae76edf4d18f87643dde3cb6940f8b4f33f1 (patch) | |
tree | da1ef8d7c42ba12d283bd90971e2447d6eee0902 /doc | |
parent | 6fbe214d91ca9be37d149a1e5ba11590490959aa (diff) |
response
Diffstat (limited to 'doc')
-rw-r--r-- | doc/plugins/po.mdwn | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/doc/plugins/po.mdwn b/doc/plugins/po.mdwn index ba293f262..6d468f07e 100644 --- a/doc/plugins/po.mdwn +++ b/doc/plugins/po.mdwn @@ -231,6 +231,10 @@ Security checks > I've checked in a change fixing that. --[[Joey]] - `refreshpofiles` and `refreshpot` create new files; this may need some checks, e.g. using `IkiWiki::prep_writefile()` + > Yes, it would be ideal to call `prep_writefile` on each file + > that they write, beforehand. This way you'd avoid symlink attacks etc to the + > generated po/pot files. I haven't done it, but it seems pretty trivial. + > --[[Joey]] - Can any sort of directives be put in po files that will cause mischief (ie, include other files, run commands, crash gettext, whatever). |