[[!template id=plugin name=bibtex2html author="[[anarcat]]"]]
-Trivial plugin to implement [[todo/BibTeX]] support simply using [bibtex2html](https://www.lri.fr/~filliatr/bibtex2html/). It is hopefully secure enough, but I have still marked it as unsafe because I am worried about parameter expansion in bibtex calls from bibtex2html that wouldn't escape those characters properly. The pipeline is called safely, but certain `-flags` could be maliciously added to the filenames somehow.
+Trivial plugin to implement [[todo/BibTeX]] support simply using [bibtex2html](https://www.lri.fr/~filliatr/bibtex2html/). It only takes a `bib` file as an argument and dumps whatever bibtex2html returns for it, so it shows *all* the entries, something that is not really possible with the existing [[bibtex]] plugin, as that one requires you to explicitly state every citation you want to show.
+
+It is hopefully secure enough, but I have still marked it as unsafe because I am worried about parameter expansion in bibtex calls from bibtex2html that wouldn't escape those characters properly. The pipeline is called safely, but certain `-flags` could be maliciously added to the filenames somehow.
The plugin is generic enough that I wonder if there's a level of abstraction that exists here that I have missed. If not it would be interesting to add.
}
add_depends($params{page}, $near);
$near = srcfile($near);
- my @bibtex_cmd = (qw[bibtex2html -charset utf-8 -noheader -nofooter -nobibsource -nodoc -q -o -], $near);
+ my @bibtex_cmd = (qw[bibtex2html -noheader -nofooter -nobibsource -nodoc -q -o -], $near);
open(PIPE, "-|", @bibtex_cmd)
|| error "can't open pipe to @bibtex_cmd: $!";
1;
"""]]
+
+Obviously, this should be implemented through Text::Bibtex as forking is expensive. Yet I haven't found a way to do what this plugin does with the existing [[bibtex]] module. [[bibtex]] could of course be extended and then render this plugin obsolete, but I have found it simpler to just reuse an existing working rendered than rewrite my own in Perl. --[[anarcat]]