1 files changed, 10 insertions, 7 deletions

diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm
index 537b86ad1..3d094c263 100644
--- a/IkiWiki/Plugin/editpage.pm
+++ b/IkiWiki/Plugin/editpage.pm
@@ -91,6 +91,9 @@ sub cgi_editpage ($$) {
 	# This untaint is safe because we check file_pruned and
 	# wiki_file_regexp.
 	my ($page)=$form->field('page')=~/$config{wiki_file_regexp}/;
+	if (! defined $page) {
+		error(gettext("bad page name"));
+	}
 	$page=possibly_foolish_untaint($page);
 	my $absolute=($page =~ s#^/+##); # absolute name used to force location
 	if (! defined $page || ! length $page ||
@@ -128,7 +131,8 @@ sub cgi_editpage ($$) {
 			# favor the type of linking page
 			$type=pagetype($pagesources{$from});
 		}
-		$type=$config{default_pageext} unless defined $type;
+		$type=$config{default_pageext}
+			if ! defined $type || $type=~/^_/; # not internal type
 		$file=newpagefile($page, $type);
 		if (! $form->submitted) {
 			$form->field(name => "rcsinfo", value => "", force => 1);
@@ -312,8 +316,7 @@ sub cgi_editpage ($$) {
 			$form->title(sprintf(gettext("editing %s"), pagetitle(basename($page))));
 		}
 		
-		showform($form, \@buttons, $session, $q,
-			forcebaseurl => $baseurl, page => $page);
+		showform($form, \@buttons, $session, $q, page => $page);
 	}
 	else {
 		# save page
@@ -331,7 +334,7 @@ sub cgi_editpage ($$) {
 			$form->field(name => "type", type => 'hidden');
 			$form->title(sprintf(gettext("editing %s"), $page));
 			showform($form, \@buttons, $session, $q,
-				forcebaseurl => $baseurl, page => $page);
+				page => $page);
 			exit;
 		}
 		elsif ($form->field("do") eq "create" && $exists) {
@@ -346,7 +349,7 @@ sub cgi_editpage ($$) {
 				         "\n\n\n".$form->field("editcontent"),
 				force => 1);
 			showform($form, \@buttons, $session, $q,
-				forcebaseurl => $baseurl, page => $page);
+				page => $page);
 			exit;
 		}
 			
@@ -387,7 +390,7 @@ sub cgi_editpage ($$) {
 			$form->field(name => "type", type => 'hidden');
 			$form->title(sprintf(gettext("editing %s"), $page));
 			showform($form, \@buttons, $session, $q,
-				forcebaseurl => $baseurl, page => $page);
+				page => $page);
 			exit;
 		}
 		
@@ -429,7 +432,7 @@ sub cgi_editpage ($$) {
 			$form->field(name => "type", type => 'hidden');
 			$form->title(sprintf(gettext("editing %s"), $page));
 			showform($form, \@buttons, $session, $q,
-				forcebaseurl => $baseurl, page => $page);
+				page => $page);
 		}
 		else {
 			# The trailing question mark tries to avoid broken