diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/ikiwiki.setup | 5 | ||||
| -rw-r--r-- | doc/news/sanitization.mdwn | 9 | ||||
| -rw-r--r-- | doc/plugins.mdwn | 6 | ||||
| -rw-r--r-- | doc/plugins/htmlscrubber.mdwn (renamed from doc/htmlsanitization.mdwn) | 12 | ||||
| -rw-r--r-- | doc/plugins/write.mdwn | 13 | ||||
| -rw-r--r-- | doc/security.mdwn | 3 | ||||
| -rw-r--r-- | doc/todo/plugin.mdwn | 2 | ||||
| -rw-r--r-- | doc/usage.mdwn | 10 |
8 files changed, 34 insertions, 26 deletions
diff --git a/doc/ikiwiki.setup b/doc/ikiwiki.setup index 3e0e1599e..17d3be7d7 100644 --- a/doc/ikiwiki.setup +++ b/doc/ikiwiki.setup @@ -48,8 +48,7 @@ use IkiWiki::Setup::Standard { #anonok => 1, # Generate rss feeds for pages? rss => 1, - # Sanitize html? - sanitize => 1, # To change the enabled plugins, edit this list - #plugin => [qw{pagecount inline brokenlinks hyperestraier smiley}], + #plugin => [qw{pagecount inline brokenlinks hyperestraier smiley + # htmlscrubber}], } diff --git a/doc/news/sanitization.mdwn b/doc/news/sanitization.mdwn index 6ce254157..419d589c9 100644 --- a/doc/news/sanitization.mdwn +++ b/doc/news/sanitization.mdwn @@ -1,7 +1,8 @@ -ikiwiki's main outstanding security hole, lack of [[HtmlSanitization]] has -now been addressed. ikiwiki now sanitizes html by default. +ikiwiki's main outstanding security hole, lack of html sanitization, has +now been addressed. ikiwiki now sanitizes html by default, using the +[[plugins/htmlscrubber]] plugin. If only trusted parties can edit your wiki's content, then you might want to turn this sanitization back off to allow use of potentially dangerous -tags. To do so, pass --no-sanitize or set "sanitize => 0," in your -[[ikiwiki.setup]]. +tags. To do so, pass --disable-plugin=sanitize or edit the plugins +configuration in your [[ikiwiki.setup]]. diff --git a/doc/plugins.mdwn b/doc/plugins.mdwn index 07c236057..e2f0492af 100644 --- a/doc/plugins.mdwn +++ b/doc/plugins.mdwn @@ -1,9 +1,9 @@ There's documentation if you want to [[write]] your own plugins, or you can install and use plugins contributed by others. The ikiwiki package includes some standard plugins that are installed and -by default. These include [[inline]], [[pagecount]], [[brokenlinks]], -[[search]], [[smiley]], and even [[haiku]]. -Of these, [[inline]] is enabled by default. +by default. These include [[inline]], [[htmlscrubber]], [[pagecount]], +[[brokenlinks]], [[search]], [[smiley]], and even [[haiku]]. +Of these, [[inline]] and [[htmlscrubber]] are enabled by default. To enable other plugins, use the `--plugin` switch described in [[usage]], or the equivalent line in [[ikiwiki.setup]]. diff --git a/doc/htmlsanitization.mdwn b/doc/plugins/htmlscrubber.mdwn index 2c814e8e4..cf0d8e02a 100644 --- a/doc/htmlsanitization.mdwn +++ b/doc/plugins/htmlscrubber.mdwn @@ -1,13 +1,12 @@ -When run with the `--sanitize` switch, which is turned on by default (see -[[usage]]), ikiwiki sanitizes the html on pages it renders to avoid XSS -attacks and the like. +This plugin is enabled by default. It sanitizes the html on pages it renders +to avoid XSS attacks and the like. -ikiwiki excludes all html tags and attributes except for those that are +It excludes all html tags and attributes except for those that are whitelisted using the same lists as used by Mark Pilgrim's Universal Feed Parser, documented at <http://feedparser.org/docs/html-sanitization.html>. Notably it strips `style`, `link`, and the `style` attribute. -ikiwiki uses the HTML::Scrubber perl module to perform its html +It uses the HTML::Scrubber perl module to perform its html sanitisation, and this perl module also deals with various entity encoding tricks. @@ -23,7 +22,8 @@ browser. ---- -Some examples of embedded javascript that won't be let through. +Some examples of embedded javascript that won't be let through when this +plugin is active: * <span style="background: url(javascript:window.location='http://example.org/')">test</span> * <span style="any: expression(window.location='http://example.org/')">test</span> diff --git a/doc/plugins/write.mdwn b/doc/plugins/write.mdwn index ae2f8b904..6c013cd4a 100644 --- a/doc/plugins/write.mdwn +++ b/doc/plugins/write.mdwn @@ -49,7 +49,7 @@ return the error message as the output of the plugin. ### Html issues -Note that if [[HTMLSanitization]] is enabled, html in +Note that if the [[htmlscrubber]] is enabled, html in [[PreProcessorDirective]] output is sanitised, which may limit what your plugin can do. Also, the rest of the page content is not in html format at preprocessor time. Text output by a preprocessor directive will be passed @@ -75,7 +75,16 @@ IkiWiki::error if something isn't configured right. Runs on the raw source of a page, before anything else touches it, and can make arbitrary changes. The function is passed named parameters `page` and -`content` should return the filtered content. +`content` and should return the filtered content. + +### sanitize + + IkiWiki::hook(type => "filter", id => "foo", call => \&sanitize); + +Use this to implement html sanitization or anything else that needs to +modify the content of a page after it has been fully converted to html. +The function is passed the page content and should return the sanitized +content. ### delete diff --git a/doc/security.mdwn b/doc/security.mdwn index 77552b1b2..73d98a3ae 100644 --- a/doc/security.mdwn +++ b/doc/security.mdwn @@ -215,4 +215,5 @@ pages from source with some other extension. ## XSS attacks in page content -ikiwiki supports [[HtmlSanitization]], though it can be turned off. +ikiwiki supports protecting users from their own broken browsers via the +[[plugins/htmlscrubber]] plugin, which is enabled by default. diff --git a/doc/todo/plugin.mdwn b/doc/todo/plugin.mdwn index 84c3d68f5..0b90b7cae 100644 --- a/doc/todo/plugin.mdwn +++ b/doc/todo/plugin.mdwn @@ -25,8 +25,6 @@ Suggestions of ideas for plugins: or something. It's possible that this is a special case of backlinks and is best implemented by making backlinks a plugin somehow. --[[Joey]] -* Splitting out html sanitisation should be easy to do. - * interwiki links All the kinds of plugins that blogging software has is also a possibility: diff --git a/doc/usage.mdwn b/doc/usage.mdwn index eac72cdc7..3a46dade8 100644 --- a/doc/usage.mdwn +++ b/doc/usage.mdwn @@ -162,16 +162,16 @@ These options configure the wiki. Currently allows locking of any page, other powers may be added later. May be specified multiple times for multiple admins. -* --sanitize - - Enable [[HtmlSanitization]] of wiki content. On by default, disable with - --no-sanitize. - * --plugin name Enables the use of the specified plugin in the wiki. See [[plugins]] for details. Note that plugin names are case sensative. +* --disable-plugin name + + Disables use of a plugin. For example "--disable-plugin htmlscrubber" + to do away with html sanitization. + * --verbose Be vebose about what is being done. |