X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/13e3bf867157226076fcc14a0d3875fd129a66c7..819a31ed24cfb95da7e37a7524ecf0655e106903:/IkiWiki/Render.pm?ds=sidebyside diff --git a/IkiWiki/Render.pm b/IkiWiki/Render.pm index dfa598da0..f9da33e30 100644 --- a/IkiWiki/Render.pm +++ b/IkiWiki/Render.pm @@ -18,6 +18,40 @@ sub linkify ($$) { #{{{ return $content; } #}}} +my $_scrubber; +sub scrubber { #{{{ + return $_scrubber if defined $_scrubber; + + eval q{use HTML::Scrubber}; + # Lists based on http://feedparser.org/docs/html-sanitization.html + $_scrubber = HTML::Scrubber->new( + allow => [qw{ + a abbr acronym address area b big blockquote br + button caption center cite code col colgroup dd del + dfn dir div dl dt em fieldset font form h1 h2 h3 h4 + h5 h6 hr i img input ins kbd label legend li map + menu ol optgroup option p pre q s samp select small + span strike strong sub sup table tbody td textarea + tfoot th thead tr tt u ul var + }], + default => [undef, { map { $_ => 1 } qw{ + abbr accept accept-charset accesskey action + align alt axis border cellpadding cellspacing + char charoff charset checked cite class + clear cols colspan color compact coords + datetime dir disabled enctype for frame + headers height href hreflang hspace id ismap + label lang longdesc maxlength media method + multiple name nohref noshade nowrap prompt + readonly rel rev rows rowspan rules scope + selected shape size span src start summary + tabindex target title type usemap valign + value vspace width + }}], + ); + return $_scrubber; +} # }}} + sub htmlize ($$) { #{{{ my $type=shift; my $content=shift; @@ -30,11 +64,17 @@ sub htmlize ($$) { #{{{ } if ($type eq '.mdwn') { - return Markdown::Markdown($content); + $content=Markdown::Markdown($content); } else { error("htmlization of $type not supported"); } + + if ($config{sanitize}) { + $content=scrubber()->scrub($content); + } + + return $content; } #}}} sub backlinks ($) { #{{{ @@ -99,17 +139,17 @@ sub preprocess ($$) { #{{{ my $command=shift; my $params=shift; if (length $escape) { - "[[$command $params]]"; + return "[[$command $params]]"; } elsif (exists $commands{$command}) { my %params; while ($params =~ /(\w+)=\"([^"]+)"(\s+|$)/g) { $params{$1}=$2; } - $commands{$command}->($page, %params); + return $commands{$command}->($page, %params); } else { - "[[bad directive $command]]"; + return "[[bad directive $command]]"; } }; @@ -160,17 +200,32 @@ sub preprocess_inline ($@) { #{{{ if (! exists $params{show} && $params{archive} eq "no") { $params{show}=10; } - $inlinepages{$parentpage}=$params{pages}; + if (! exists $depends{$parentpage}) { + $depends{$parentpage}=$params{pages}; + } + else { + $depends{$parentpage}.=" ".$params{pages}; + } my $ret=""; if (exists $params{rootpage}) { + # Add a blog post form, with a rss link button. my $formtemplate=HTML::Template->new(blind_cache => 1, filename => "$config{templatedir}/blogpost.tmpl"); $formtemplate->param(cgiurl => $config{cgiurl}); $formtemplate->param(rootpage => $params{rootpage}); - my $form=$formtemplate->output; - $ret.=$form; + if ($config{rss}) { + $formtemplate->param(rssurl => rsspage(basename($parentpage))); + } + $ret.=$formtemplate->output; + } + elsif ($config{rss}) { + # Add a rss link button. + my $linktemplate=HTML::Template->new(blind_cache => 1, + filename => "$config{templatedir}/rsslink.tmpl"); + $linktemplate->param(rssurl => rsspage(basename($parentpage))); + $ret.=$linktemplate->output; } my $template=HTML::Template->new(blind_cache => 1, @@ -227,10 +282,6 @@ sub genpage ($$$) { #{{{ $template->param(hyperestraierurl => cgiurl()); } - if ($config{rss} && $inlinepages{$page}) { - $template->param(rssurl => rsspage(basename($page))); - } - $template->param( title => $title, wikiname => $config{wikiname}, @@ -335,7 +386,7 @@ sub render ($) { #{{{ my $page=pagename($file); $links{$page}=[findlinks($content, $page)]; - delete $inlinepages{$page}; + delete $depends{$page}; $content=linkify($content, $page); $content=preprocess($page, $content); @@ -529,18 +580,18 @@ FILE: foreach my $file (@files) { } # Handle backlinks; if a page has added/removed links, update the - # pages it links to. Also handle inlining here. + # pages it links to. Also handles rebuilding dependat pages. # TODO: inefficient; pages may get rendered above and again here; # problem is the backlinks could be wrong in the first pass render # above if (%rendered || @del) { foreach my $f (@files) { my $p=pagename($f); - if (exists $inlinepages{$p}) { + if (exists $depends{$p}) { foreach my $file (keys %rendered, @del) { my $page=pagename($file); - if (globlist_match($page, $inlinepages{$p})) { - debug("rendering $f, which inlines $page"); + if (globlist_match($page, $depends{$p})) { + debug("rendering $f, which depends on $page"); render($f); $rendered{$f}=1; last;