diff options
-rw-r--r-- | doc/plugins/po.mdwn | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/doc/plugins/po.mdwn b/doc/plugins/po.mdwn index ba293f262..6d468f07e 100644 --- a/doc/plugins/po.mdwn +++ b/doc/plugins/po.mdwn @@ -231,6 +231,10 @@ Security checks > I've checked in a change fixing that. --[[Joey]] - `refreshpofiles` and `refreshpot` create new files; this may need some checks, e.g. using `IkiWiki::prep_writefile()` + > Yes, it would be ideal to call `prep_writefile` on each file + > that they write, beforehand. This way you'd avoid symlink attacks etc to the + > generated po/pot files. I haven't done it, but it seems pretty trivial. + > --[[Joey]] - Can any sort of directives be put in po files that will cause mischief (ie, include other files, run commands, crash gettext, whatever). |