1 [[!template id=plugin name=bibtex2html author="[[anarcat]]"]]
3 Trivial plugin to implement [[todo/BibTeX]] support simply using [bibtex2html](https://www.lri.fr/~filliatr/bibtex2html/). It is hopefully secure enough, but I have still marked it as unsafe because I am worried about parameter expansion in bibtex calls from bibtex2html that wouldn't escape those characters properly. The pipeline is called safely, but certain `-flags` could be maliciously added to the filenames somehow.
5 The plugin is generic enough that I wonder if there's a level of abstraction that exists here that I have missed. If not it would be interesting to add.
9 package IkiWiki::Plugin::bibtex2html;
13 use open qw{:utf8 :std};
16 hook(type => "getsetup", id => "bibtex2html", call => \&getsetup);
17 hook(type => "preprocess", id => "bibtex2html", call => \&bibtex2html);
32 # check the files exist
34 if (! defined $file) {
35 error sprintf(gettext('file parameter is required'));
37 my $near = bestlink($params{page}, $file);
39 error sprintf(gettext('cannot find bestlink for "%s"'), $file);
41 if (! exists $pagesources{$near}) {
42 error sprintf(gettext('cannot find file "%s"'), $near);
44 add_depends($params{page}, $near);
45 $near = srcfile($near);
46 my @bibtex_cmd = (qw[bibtex2html -charset utf-8 -noheader -nofooter -nobibsource -nodoc -q -o -], $near);
48 open(PIPE, "-|", @bibtex_cmd)
49 || error "can't open pipe to @bibtex_cmd: $!";
50 my $html = join("", <PIPE>);
52 debug "ran @bibtex_cmd: $html";
53 return "<div class=\"bibtex2html\">$html<!-- The above was generated with @bibtex_cmd--></div>";