+ if (safeurl($value)) {
+ push @{$metaheaders{$page}}, '<link href="'.encode_entities($value).
+ '" rel="openid.delegate" />' if $delegate ne 2;
+ push @{$metaheaders{$page}}, '<link href="'.encode_entities($value).
+ '" rel="openid2.local_id" />' if $delegate ne 1;
+ }
+ if (exists $params{"xrds-location"} && safeurl($params{"xrds-location"})) {
+ push @{$metaheaders{$page}}, '<meta http-equiv="X-XRDS-Location"'.
+ 'content="'.encode_entities($params{"xrds-location"}).'" />';
+ }
+ }
+ elsif ($key eq 'redir') {
+ return "" if $page ne $destpage;
+ my $safe=0;
+ if ($value !~ /^\w+:\/\//) {
+ my ($redir_page, $redir_anchor) = split /\#/, $value;
+
+ my $link=bestlink($page, $redir_page);
+ if (! length $link) {
+ error gettext("redir page not found")
+ }
+ add_depends($page, $link);
+
+ $value=urlto($link, $page);
+ $value.='#'.$redir_anchor if defined $redir_anchor;
+ $safe=1;
+
+ # redir cycle detection
+ $pagestate{$page}{meta}{redir}=$link;
+ my $at=$page;
+ my %seen;
+ while (exists $pagestate{$at}{meta}{redir}) {
+ if ($seen{$at}) {
+ error gettext("redir cycle is not allowed")
+ }
+ $seen{$at}=1;
+ $at=$pagestate{$at}{meta}{redir};
+ }
+ }
+ else {
+ $value=encode_entities($value);
+ }
+ my $delay=int(exists $params{delay} ? $params{delay} : 0);
+ my $redir="<meta http-equiv=\"refresh\" content=\"$delay; URL=$value\" />";
+ if (! $safe) {
+ $redir=scrub($redir, $destpage);
+ }
+ push @{$metaheaders{$page}}, $redir;
+ }
+ elsif ($key eq 'link') {
+ if (%params) {
+ push @{$metaheaders{$page}}, scrub("<link href=\"".encode_entities($value)."\" ".
+ join(" ", map {
+ encode_entities($_)."=\"".encode_entities(decode_entities($params{$_}))."\""
+ } keys %params).
+ " />\n", $destpage);
+ }
+ }
+ elsif ($key eq 'robots') {
+ push @{$metaheaders{$page}}, '<meta name="robots"'.
+ ' content="'.encode_entities($value).'" />';
+ }
+ else {
+ push @{$metaheaders{$page}}, scrub('<meta name="'.encode_entities($key).
+ '" content="'.encode_entities($value).'" />', $destpage);