X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/2ca4ff8ae6d2d528b8895f7907d74c2f8859dc8d..c47839389abb8e21a94606a2c105e5c1ecf6ed32:/IkiWiki/Plugin/meta.pm?ds=inline diff --git a/IkiWiki/Plugin/meta.pm b/IkiWiki/Plugin/meta.pm index ae593555e..421f1dc86 100644 --- a/IkiWiki/Plugin/meta.pm +++ b/IkiWiki/Plugin/meta.pm @@ -40,10 +40,10 @@ sub needsbuild (@) { return $needsbuild; } -sub scrub ($$) { +sub scrub ($$$) { if (IkiWiki::Plugin::htmlscrubber->can("sanitize")) { return IkiWiki::Plugin::htmlscrubber::sanitize( - content => shift, destpage => shift); + content => shift, page => shift, destpage => shift); } else { return shift; @@ -162,7 +162,7 @@ sub preprocess (@) { # Metadata handling that happens only during preprocessing pass. if ($key eq 'permalink') { if (safeurl($value)) { - push @{$metaheaders{$page}}, scrub('<link rel="bookmark" href="'.encode_entities($value).'" />', $destpage); + push @{$metaheaders{$page}}, scrub('<link rel="bookmark" href="'.encode_entities($value).'" />', $page, $destpage); } } elsif ($key eq 'stylesheet') { @@ -174,10 +174,21 @@ sub preprocess (@) { if (! length $stylesheet) { error gettext("stylesheet not found") } - push @{$metaheaders{$page}}, '<link href="'.urlto($stylesheet, $page). + push @{$metaheaders{$page}}, scrub('<link href="'.urlto($stylesheet, $page). '" rel="'.encode_entities($rel). '" title="'.encode_entities($title). - "\" type=\"text/css\" />"; + "\" type=\"text/css\" />", $page, $destpage); + } + elsif ($key eq 'script') { + my $defer=exists $params{defer} ? ' defer="defer"' : ''; + my $async=exists $params{async} ? ' async="async"' : ''; + my $js=bestlink($page, $value.".js"); + if (! length $js) { + error gettext("script not found"); + } + push @{$metaheaders{$page}}, scrub('<script src="'.urlto($js, $page). + '"' . $defer . $async . ' type="text/javascript"></script>', + $page, $destpage); } elsif ($key eq 'openid') { my $delegate=0; # both by default @@ -198,8 +209,19 @@ sub preprocess (@) { '" rel="openid2.local_id" />' if $delegate ne 1; } if (exists $params{"xrds-location"} && safeurl($params{"xrds-location"})) { + # force url absolute + eval q{use URI}; + error($@) if $@; + my $url=URI->new_abs($params{"xrds-location"}, $config{url}); push @{$metaheaders{$page}}, '<meta http-equiv="X-XRDS-Location" '. - 'content="'.encode_entities($params{"xrds-location"}).'" />'; + 'content="'.encode_entities($url).'" />'; + } + } + elsif ($key eq 'foaf') { + if (safeurl($value)) { + push @{$metaheaders{$page}}, '<link rel="meta" '. + 'type="application/rdf+xml" title="FOAF" '. + 'href="'.encode_entities($value).'" />'; } } elsif ($key eq 'redir') { @@ -236,7 +258,7 @@ sub preprocess (@) { my $delay=int(exists $params{delay} ? $params{delay} : 0); my $redir="<meta http-equiv=\"refresh\" content=\"$delay; URL=$value\" />"; if (! $safe) { - $redir=scrub($redir, $destpage); + $redir=scrub($redir, $page, $destpage); } push @{$metaheaders{$page}}, $redir; } @@ -246,28 +268,34 @@ sub preprocess (@) { join(" ", map { encode_entities($_)."=\"".encode_entities(decode_entities($params{$_}))."\"" } keys %params). - " />\n", $destpage); + " />\n", $page, $destpage); } } elsif ($key eq 'robots') { push @{$metaheaders{$page}}, '<meta name="robots"'. ' content="'.encode_entities($value).'" />'; } - elsif ($key eq 'description') { - push @{$metaheaders{$page}}, '<meta name="'. - encode_entities($key). + elsif ($key eq 'description' || $key eq 'author') { + push @{$metaheaders{$page}}, '<meta name="'.$key. '" content="'.encode_entities($value).'" />'; } elsif ($key eq 'name') { - push @{$metaheaders{$page}}, scrub('<meta '.$key.'="'. + push @{$metaheaders{$page}}, scrub('<meta name="'. encode_entities($value). join(' ', map { "$_=\"$params{$_}\"" } keys %params). - ' />', $destpage); + ' />', $page, $destpage); + } + elsif ($key eq 'keywords') { + # Make sure the keyword string is safe: only allow alphanumeric + # characters, space and comma and strip the rest. + $value =~ s/[^[:alnum:], ]+//g; + push @{$metaheaders{$page}}, '<meta name="keywords"'. + ' content="'.encode_entities($value).'" />'; } else { push @{$metaheaders{$page}}, scrub('<meta name="'. encode_entities($key).'" content="'. - encode_entities($value).'" />', $destpage); + encode_entities($value).'" />', $page, $destpage); } return ""; @@ -285,16 +313,26 @@ sub pagetemplate (@) { $template->param(meta => join("\n", grep { (! $seen{$_}) && ($seen{$_}=1) } @{$metaheaders{$page}})); } if (exists $pagestate{$page}{meta}{title} && $template->query(name => "title")) { + eval q{use HTML::Entities}; $template->param(title => HTML::Entities::encode_numeric($pagestate{$page}{meta}{title})); $template->param(title_overridden => 1); } - foreach my $field (qw{author authorurl permalink}) { - $template->param($field => $pagestate{$page}{meta}{$field}) + foreach my $field (qw{authorurl}) { + eval q{use HTML::Entities}; + $template->param($field => HTML::Entities::encode_entities($pagestate{$page}{meta}{$field})) if exists $pagestate{$page}{meta}{$field} && $template->query(name => $field); } - foreach my $field (qw{description}) { + foreach my $field (qw{permalink}) { + if (exists $pagestate{$page}{meta}{$field} && $template->query(name => $field)) { + eval q{use HTML::Entities}; + $template->param($field => HTML::Entities::encode_entities(IkiWiki::urlabs($pagestate{$page}{meta}{$field}, $config{url}))); + } + } + + foreach my $field (qw{description author}) { + eval q{use HTML::Entities}; $template->param($field => HTML::Entities::encode_numeric($pagestate{$page}{meta}{$field})) if exists $pagestate{$page}{meta}{$field} && $template->query(name => $field); } @@ -351,7 +389,7 @@ sub match { } if (defined $val) { - if ($val=~/^$re$/i) { + if ($val=~$re) { return IkiWiki::SuccessReason->new("$re matches $field of $page", $page => $IkiWiki::DEPEND_CONTENT, "" => 1); } else {