X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/89256ab870299242c2f62858680c4a2870600a14..aaaef740107aacd8f6987711da6895c02e4473ad:/IkiWiki/Plugin/htmlscrubber.pm?ds=sidebyside diff --git a/IkiWiki/Plugin/htmlscrubber.pm b/IkiWiki/Plugin/htmlscrubber.pm index 7398c8478..9f40c752f 100644 --- a/IkiWiki/Plugin/htmlscrubber.pm +++ b/IkiWiki/Plugin/htmlscrubber.pm @@ -3,13 +3,13 @@ package IkiWiki::Plugin::htmlscrubber; use warnings; use strict; -use IkiWiki 2.00; +use IkiWiki 3.00; # This regexp matches urls that are in a known safe scheme. # Feel free to use it from other plugins. our $safe_url_regexp; -sub import { #{{{ +sub import { hook(type => "getsetup", id => "htmlscrubber", call => \&getsetup); hook(type => "sanitize", id => "htmlscrubber", call => \&sanitize); @@ -30,16 +30,17 @@ sub import { #{{{ "msnim", "notes", "rsync", "secondlife", "skype", "ssh", "sftp", "smb", "sms", "snews", "webcal", "ymsgr", ); - # data is a special case. Allow data:image/*, but - # disallow data:text/javascript and everything else. - $safe_url_regexp=qr/^(?:(?:$uri_schemes):|data:image\/|[^:]+(?:$|\/))/i; -} # }}} + # data is a special case. Allow a few data:image/ types, + # but disallow data:text/javascript and everything else. + $safe_url_regexp=qr/^(?:(?:$uri_schemes):|data:image\/(?:png|jpeg|gif)|[^:]+(?:$|[\/\?]))/i; +} -sub getsetup () { #{{{ +sub getsetup () { return plugin => { safe => 1, rebuild => undef, + section => "core", }, htmlscrubber_skip => { type => "pagespec", @@ -49,9 +50,9 @@ sub getsetup () { #{{{ safe => 1, rebuild => undef, }, -} #}}} +} -sub sanitize (@) { #{{{ +sub sanitize (@) { my %params=@_; if (exists $config{htmlscrubber_skip} && @@ -62,10 +63,10 @@ sub sanitize (@) { #{{{ } return scrubber()->scrub($params{content}); -} # }}} +} my $_scrubber; -sub scrubber { #{{{ +sub scrubber { return $_scrubber if defined $_scrubber; eval q{use HTML::Scrubber}; @@ -111,6 +112,6 @@ sub scrubber { #{{{ }], ); return $_scrubber; -} # }}} +} 1