data:image/svg is a security hole as javascript can presumably be inserted

[git.ikiwiki.info.git] / IkiWiki / Plugin / comments.pm

diff --git a/IkiWiki/Plugin/comments.pm b/IkiWiki/Plugin/comments.pm
index 8f8472f075f20c69e57578b75041c4ce145224f1..ceb7c7836a1af0d8d66eba81931931b4bafc59e7 100644 (file)
--- a/IkiWiki/Plugin/comments.pm
+++ b/IkiWiki/Plugin/comments.pm
@@ -839,7 +839,7 @@ sub unique_comment_location ($$$) {
 
        eval q{use Digest::MD5 'md5_hex'};
        error($@) if $@;
-       my $content_md5=md5_hex(shift);
+       my $content_md5=md5_hex(Encode::encode_utf8(shift));
 
        my $dir=shift;
 
@@ -855,14 +855,14 @@ sub unique_comment_location ($$$) {
 
 sub page_to_id ($) {
        # Converts a comment page name into a unique, legal html id
-       # addtibute value, that can be used as an anchor to link to the
+       # attribute value, that can be used as an anchor to link to the
        # comment.
        my $page=shift;
 
        eval q{use Digest::MD5 'md5_hex'};
        error($@) if $@;
 
-       return "comment-".md5_hex($page);
+       return "comment-".md5_hex(Encode::encode_utf8(($page));
 }
        
 package IkiWiki::PageSpec;