summaryrefslogtreecommitdiff
path: root/doc/news/sanitization.mdwn
blob: 6ce2541572cc7a0c8a551066ff6c26a028387822 (plain)

ikiwiki's main outstanding security hole, lack of [[HtmlSanitization]] has now been addressed. ikiwiki now sanitizes html by default.

If only trusted parties can edit your wiki's content, then you might want to turn this sanitization back off to allow use of potentially dangerous tags. To do so, pass --no-sanitize or set "sanitize => 0," in your [[ikiwiki.setup]].