}
} #}}}
+sub safeurl ($) { #{{{
+ my $url=shift;
+ if (exists $IkiWiki::Plugin::htmlscrubber::{safe_url_regexp} &&
+ defined $IkiWiki::Plugin::htmlscrubber::safe_url_regexp) {
+ return $url=~/$IkiWiki::Plugin::htmlscrubber::safe_url_regexp/;
+ }
+ else {
+ return 1;
+ }
+} #}}}
+
sub htmlize ($$$) { #{{{
my $page = shift;
my $destpage = shift;
- return IkiWiki::htmlize($page, pagetype($pagesources{$page}),
+ return IkiWiki::htmlize($page, $destpage, pagetype($pagesources{$page}),
IkiWiki::linkify($page, $destpage,
IkiWiki::preprocess($page, $destpage, shift)));
}
# Metadata collection that needs to happen during the scan pass.
if ($key eq 'title') {
$pagestate{$page}{meta}{title}=HTML::Entities::encode_numeric($value);
+ # fallthrough
+ }
+ elsif ($key eq 'description') {
+ $pagestate{$page}{meta}{description}=HTML::Entities::encode_numeric($value);
+ # fallthrough
}
elsif ($key eq 'license') {
push @{$metaheaders{$page}}, '<link rel="license" href="#page_license" />';
# fallthorough
}
elsif ($key eq 'authorurl') {
- $pagestate{$page}{meta}{authorurl}=$value;
+ $pagestate{$page}{meta}{authorurl}=$value if safeurl($value);
# fallthrough
}
}
}
elsif ($key eq 'permalink') {
- $pagestate{$page}{meta}{permalink}=$value;
- push @{$metaheaders{$page}}, scrub('<link rel="bookmark" href="'.encode_entities($value).'" />');
+ if (safeurl($value)) {
+ $pagestate{$page}{meta}{permalink}=$value;
+ push @{$metaheaders{$page}}, scrub('<link rel="bookmark" href="'.encode_entities($value).'" />');
+ }
}
elsif ($key eq 'stylesheet') {
my $rel=exists $params{rel} ? $params{rel} : "alternate stylesheet";
"\" type=\"text/css\" />";
}
elsif ($key eq 'openid') {
- if (exists $params{server}) {
+ if (exists $params{server} && safeurl($params{server})) {
push @{$metaheaders{$page}}, '<link href="'.encode_entities($params{server}).
'" rel="openid.server" />';
+ push @{$metaheaders{$page}}, '<link href="'.encode_entities($params{server}).
+ '" rel="openid2.provider" />';
+ }
+ if (safeurl($value)) {
+ push @{$metaheaders{$page}}, '<link href="'.encode_entities($value).
+ '" rel="openid.delegate" />';
+ push @{$metaheaders{$page}}, '<link href="'.encode_entities($value).
+ '" rel="openid2.local_id" />';
+ }
+ if (exists $params{"xrds-location"} && safeurl($params{"xrds-location"})) {
+ push @{$metaheaders{$page}}, '<meta http-equiv="X-XRDS-Location"'.
+ 'content="'.encode_entities($params{"xrds-location"}).'" />';
}
- push @{$metaheaders{$page}}, '<link href="'.encode_entities($value).
- '" rel="openid.delegate" />';
}
elsif ($key eq 'redir') {
return "" if $page ne $destpage;
$value=encode_entities($value);
}
my $delay=int(exists $params{delay} ? $params{delay} : 0);
- my $redir="<meta http-equiv=\"refresh\" content=\"$delay; URL=$value\">";
+ my $redir="<meta http-equiv=\"refresh\" content=\"$delay; URL=$value\" />";
if (! $safe) {
$redir=scrub($redir);
}
" />\n");
}
}
+ elsif ($key eq 'robots') {
+ push @{$metaheaders{$page}}, '<meta name="robots"'.
+ ' content="'.encode_entities($value).'" />';
+ }
else {
push @{$metaheaders{$page}}, scrub('<meta name="'.encode_entities($key).
'" content="'.encode_entities($value).'" />');
my $page=shift;
# turn glob into a safe regexp
- my $re=quotemeta(shift);
- $re=~s/\\\*/.*/g;
- $re=~s/\\\?/./g;
+ my $re=IkiWiki::glob2re(shift);
my $val;
if (exists $pagestate{$page}{meta}{$field}) {