blob: 419d589c94edbb8c9b085b43e9efc88d00b008f4 (
plain)
ikiwiki's main outstanding security hole, lack of html sanitization, has
now been addressed. ikiwiki now sanitizes html by default, using the
[[plugins/htmlscrubber]] plugin.
If only trusted parties can edit your wiki's content, then you might want
to turn this sanitization back off to allow use of potentially dangerous
tags. To do so, pass --disable-plugin=sanitize or edit the plugins
configuration in your [[ikiwiki.setup]].
|