Generate openid2 headers as well

[git.ikiwiki.info.git] / IkiWiki / Plugin / meta.pm

diff --git a/IkiWiki/Plugin/meta.pm b/IkiWiki/Plugin/meta.pm
index 621e876741b288466112360b96290bac01235e52..0c210b64d6b78f2f028d07680a566137833656d4 100644 (file)
--- a/IkiWiki/Plugin/meta.pm
+++ b/IkiWiki/Plugin/meta.pm
@@ -38,6 +38,17 @@ sub scrub ($) { #{{{
        }
 } #}}}
 
+sub safeurl ($) { #{{{
+       my $url=shift;
+       if (exists $IkiWiki::Plugin::htmlscrubber::{safe_url_regexp} &&
+           defined $IkiWiki::Plugin::htmlscrubber::safe_url_regexp) {
+               return $url=~/$IkiWiki::Plugin::htmlscrubber::safe_url_regexp/;
+       }
+       else {
+               return 1;
+       }
+} #}}}
+
 sub htmlize ($$$) { #{{{
        my $page = shift;
        my $destpage = shift;
@@ -88,7 +99,7 @@ sub preprocess (@) { #{{{
                # fallthorough
        }
        elsif ($key eq 'authorurl') {
-               $pagestate{$page}{meta}{authorurl}=$value;
+               $pagestate{$page}{meta}{authorurl}=$value if safeurl($value);
                # fallthrough
        }
 
@@ -106,8 +117,10 @@ sub preprocess (@) { #{{{
                }
        }
        elsif ($key eq 'permalink') {
-               $pagestate{$page}{meta}{permalink}=$value;
-               push @{$metaheaders{$page}}, scrub('<link rel="bookmark" href="'.encode_entities($value).'" />');
+               if (safeurl($value)) {
+                       $pagestate{$page}{meta}{permalink}=$value;
+                       push @{$metaheaders{$page}}, scrub('<link rel="bookmark" href="'.encode_entities($value).'" />');
+               }
        }
        elsif ($key eq 'stylesheet') {
                my $rel=exists $params{rel} ? $params{rel} : "alternate stylesheet";
@@ -124,12 +137,22 @@ sub preprocess (@) { #{{{
                        "\" type=\"text/css\" />";
        }
        elsif ($key eq 'openid') {
-               if (exists $params{server}) {
+               if (exists $params{server} && safeurl($params{server})) {
                        push @{$metaheaders{$page}}, '<link href="'.encode_entities($params{server}).
                                '" rel="openid.server" />';
+                       push @{$metaheaders{$page}}, '<link href="'.encode_entities($params{server}).
+                               '" rel="openid2.provider" />';
+               }
+               if (safeurl($value)) {
+                       push @{$metaheaders{$page}}, '<link href="'.encode_entities($value).
+                               '" rel="openid.delegate" />';
+                       push @{$metaheaders{$page}}, '<link href="'.encode_entities($value).
+                               '" rel="openid2.local_id" />';
+               }
+               if (exists $params{xrds-location} && safeurl($params{xrds-location})) {
+                       push @{$metaheaders{$page}}, '<meta http-equiv="X-XRDS-Location"'.
+                               'content="'.encode_entities($params{xrds-location}).'" />';
                }
-               push @{$metaheaders{$page}}, '<link href="'.encode_entities($value).
-                       '" rel="openid.delegate" />';
        }
        elsif ($key eq 'redir') {
                return "" if $page ne $destpage;
@@ -178,6 +201,10 @@ sub preprocess (@) { #{{{
                                " />\n");
                }
        }
+       elsif ($key eq 'robots') {
+               push @{$metaheaders{$page}}, '<meta name="robots"'.
+                       ' value="'.encode_entities($value).'" />';
+       }
        else {
                push @{$metaheaders{$page}}, scrub('<meta name="'.encode_entities($key).
                        '" content="'.encode_entities($value).'" />');