X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/270fd45c5d30c06f69e18488f08a7f6bdec95813..339f15d6f4a2d22014e2d38b7459de8a28c5fa8f:/IkiWiki/Plugin/meta.pm?ds=sidebyside diff --git a/IkiWiki/Plugin/meta.pm b/IkiWiki/Plugin/meta.pm index b857f453e..421f1dc86 100644 --- a/IkiWiki/Plugin/meta.pm +++ b/IkiWiki/Plugin/meta.pm @@ -275,17 +275,23 @@ sub preprocess (@) { push @{$metaheaders{$page}}, ''; } - elsif ($key eq 'description') { - push @{$metaheaders{$page}}, ''; } elsif ($key eq 'name') { - push @{$metaheaders{$page}}, scrub('', $page, $destpage); } + elsif ($key eq 'keywords') { + # Make sure the keyword string is safe: only allow alphanumeric + # characters, space and comma and strip the rest. + $value =~ s/[^[:alnum:], ]+//g; + push @{$metaheaders{$page}}, ''; + } else { push @{$metaheaders{$page}}, scrub('param(title => encode_numeric($pagestate{$page}{meta}{title})); + $template->param(title => HTML::Entities::encode_numeric($pagestate{$page}{meta}{title})); $template->param(title_overridden => 1); } - foreach my $field (qw{author authorurl permalink}) { - $template->param($field => $pagestate{$page}{meta}{$field}) + foreach my $field (qw{authorurl}) { + eval q{use HTML::Entities}; + $template->param($field => HTML::Entities::encode_entities($pagestate{$page}{meta}{$field})) if exists $pagestate{$page}{meta}{$field} && $template->query(name => $field); } foreach my $field (qw{permalink}) { - $template->param($field => IkiWiki::urlabs($pagestate{$page}{meta}{$field}, $config{url})) - if exists $pagestate{$page}{meta}{$field} && $template->query(name => $field); + if (exists $pagestate{$page}{meta}{$field} && $template->query(name => $field)) { + eval q{use HTML::Entities}; + $template->param($field => HTML::Entities::encode_entities(IkiWiki::urlabs($pagestate{$page}{meta}{$field}, $config{url}))); + } } - foreach my $field (qw{description}) { + foreach my $field (qw{description author}) { eval q{use HTML::Entities}; - $template->param($field => encode_numeric($pagestate{$page}{meta}{$field})) + $template->param($field => HTML::Entities::encode_numeric($pagestate{$page}{meta}{$field})) if exists $pagestate{$page}{meta}{$field} && $template->query(name => $field); }