diff options
| -rw-r--r-- | IkiWiki/Plugin/htmlscrubber.pm | 16 | ||||
| -rw-r--r-- | debian/changelog | 2 | ||||
| -rw-r--r-- | doc/plugins/htmlscrubber.mdwn | 6 |
3 files changed, 24 insertions, 0 deletions
diff --git a/IkiWiki/Plugin/htmlscrubber.pm b/IkiWiki/Plugin/htmlscrubber.pm index 923907b04..7398c8478 100644 --- a/IkiWiki/Plugin/htmlscrubber.pm +++ b/IkiWiki/Plugin/htmlscrubber.pm @@ -41,10 +41,26 @@ sub getsetup () { #{{{ safe => 1, rebuild => undef, }, + htmlscrubber_skip => { + type => "pagespec", + example => "!*/Discussion", + description => "PageSpec specifying pages not to scrub", + link => "ikiwiki/PageSpec", + safe => 1, + rebuild => undef, + }, } #}}} sub sanitize (@) { #{{{ my %params=@_; + + if (exists $config{htmlscrubber_skip} && + length $config{htmlscrubber_skip} && + exists $params{destpage} && + pagespec_match($params{destpage}, $config{htmlscrubber_skip})) { + return $params{content}; + } + return scrubber()->scrub($params{content}); } # }}} diff --git a/debian/changelog b/debian/changelog index 20aef4037..6ab7b1d70 100644 --- a/debian/changelog +++ b/debian/changelog @@ -8,6 +8,8 @@ ikiwiki (2.66) UNRELEASED; urgency=low * git: Fix handling of utf-8 filenames in recentchanges. * tag: Make edit link for new tags ensure that the tags are created inside tagbase, when it's set. + * htmlscrubber: Add a config setting that can be used to disable the + scrubber acting on a set of pages. -- Joey Hess <joeyh@debian.org> Thu, 25 Sep 2008 13:45:55 -0400 diff --git a/doc/plugins/htmlscrubber.mdwn b/doc/plugins/htmlscrubber.mdwn index b651ffc99..7db372e1b 100644 --- a/doc/plugins/htmlscrubber.mdwn +++ b/doc/plugins/htmlscrubber.mdwn @@ -31,6 +31,12 @@ Note that enabling or disabling the htmlscrubber plugin also affects some other HTML-related functionality, such as whether [[meta]] allows potentially unsafe HTML tags. +The `htmlscrubber_skip` configuration setting can be used to skip scrubbing +of some pages. Set it to a [[PageSpec]], such as "!*/Discussion", and pages +matching that can have all the evil CSS, JavsScript, and unsafe html +elements you like. One safe way to use this is to use [[lockedit]] to lock +those pages, so only admins can edit them. + ---- Some examples of embedded javascript that won't be let through when this |