From a7be7bdf56b60a08a7ae23a17e20d2bad4cc2971 Mon Sep 17 00:00:00 2001
From: Josh Triplett <josh@freedesktop.org>
Date: Sun, 10 Feb 2008 13:23:28 -0800
Subject: Do not allow the about: URI scheme

Some browsers interpret about: URIs like a limited version of data:
URIs.  In particular, some versions of Internet Explorer interpret
arbitrary HTML content in about: URIs.
---
 debian/changelog | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'debian/changelog')

diff --git a/debian/changelog b/debian/changelog
index dc55cdd88..765cdb9e0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -6,8 +6,12 @@ ikiwiki (2.40) UNRELEASED; urgency=low
     optional '!' prefix even with prefix_directives off, and use that in
     the underlay to support either setting of prefix_directives.  Add NEWS
     entry with migration information.
+  * Do not allow the about: URI scheme; some browsers interpret about:
+    URIs like a limited version of data: URIs.  In particular, some
+    versions of Internet Explorer interpret arbitrary HTML content in
+    about: URIs.
 
- -- Josh Triplett <josh@freedesktop.org>  Sat, 09 Feb 2008 23:01:19 -0800
+ -- Josh Triplett <josh@freedesktop.org>  Sun, 10 Feb 2008 13:18:58 -0800
 
 ikiwiki (2.31.2) unstable; urgency=high
 
-- 
cgit v1.2.3