summaryrefslogtreecommitdiff
path: root/doc/plugins/htmlscrubber.mdwn
AgeCommit message (Collapse)Author
2008-02-10* htmlscrubber security fix: Block javascript in uris.Joey Hess
* Add htmlscrubber test suite.
2007-07-11on second thought, simple alphanumeric styles are not actually useful (class ↵joey
is already supported), and anything more complex is too hard to do, so revert
2007-07-11* Allow simple alphanumeric style attribute values in the htmlscrubber. Thisjoey
should be safe from javascript attacks.
2007-05-08web commit by JoshTriplett: Add another example, and add a description to ↵joey
each test.
2007-04-06broken linkjoey
2007-03-26Note that enabling or disabling the htmlscrubber plugin also affects some otherjoshtriplett
HTML-related functionality, such as whether [[meta]] allows potentially unsafe HTML tags.
2007-02-14* Allow multiple tag settings to appear in a single page.joey
2007-02-13simplified plugin definitionsjoey
2006-11-20shortcut stuffjoey
2006-08-23no longer need triple quotesjoey
2006-08-23* Allow preprocessor directives to contain python-like triple-quotedjoey
text blocks, for easy nesting of quotes inside. * Add a template plugin. * Use the template plugin to add infoboxes to each plugin page listing basic info about the plugin.
2006-07-29updatsjoey
2006-07-29* Tag plugins according to type.joey
2006-05-05* Removed --sanitize and --no-sanitize, replaced with --plugin htmlscrubberjoey
and --disable-plugin htmlscrubber.