X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/d22489299adb04fdce241a9365b47799ba7f66d6..e09eeb24363a3e0033102c894cef347afd89b0c2:/IkiWiki/Plugin/meta.pm diff --git a/IkiWiki/Plugin/meta.pm b/IkiWiki/Plugin/meta.pm index 434fde527..b19ea2b32 100644 --- a/IkiWiki/Plugin/meta.pm +++ b/IkiWiki/Plugin/meta.pm @@ -187,7 +187,7 @@ sub preprocess (@) { error gettext("script not found"); } push @{$metaheaders{$page}}, scrub('', $page, $destpage); } elsif ($key eq 'openid') { @@ -217,6 +217,13 @@ sub preprocess (@) { 'content="'.encode_entities($url).'" />'; } } + elsif ($key eq 'foaf') { + if (safeurl($value)) { + push @{$metaheaders{$page}}, ''; + } + } elsif ($key eq 'redir') { return "" if $page ne $destpage; my $safe=0; @@ -268,17 +275,23 @@ sub preprocess (@) { push @{$metaheaders{$page}}, ''; } - elsif ($key eq 'description') { - push @{$metaheaders{$page}}, ''; } elsif ($key eq 'name') { - push @{$metaheaders{$page}}, scrub('', $page, $destpage); } + elsif ($key eq 'keywords') { + # Make sure the keyword string is safe: only allow alphanumeric + # characters, space and comma and strip the rest. + $value =~ s/[^[:alnum:], ]+//g; + push @{$metaheaders{$page}}, ''; + } else { push @{$metaheaders{$page}}, scrub('param(title => encode_numeric($pagestate{$page}{meta}{title})); + $template->param(title => HTML::Entities::encode_numeric($pagestate{$page}{meta}{title})); $template->param(title_overridden => 1); } - foreach my $field (qw{author authorurl permalink}) { + foreach my $field (qw{author authorurl}) { $template->param($field => $pagestate{$page}{meta}{$field}) if exists $pagestate{$page}{meta}{$field} && $template->query(name => $field); } foreach my $field (qw{permalink}) { - $template->param($field => IkiWiki::urlabs($pagestate{$page}{meta}{$field}, $config{url})) - if exists $pagestate{$page}{meta}{$field} && $template->query(name => $field); + if (exists $pagestate{$page}{meta}{$field} && $template->query(name => $field)) { + eval q{use HTML::Entities}; + $template->param($field => HTML::Entities::encode_entities(IkiWiki::urlabs($pagestate{$page}{meta}{$field}, $config{url}))); + } } foreach my $field (qw{description}) { eval q{use HTML::Entities}; - $template->param($field => encode_numeric($pagestate{$page}{meta}{$field})) + $template->param($field => HTML::Entities::encode_numeric($pagestate{$page}{meta}{$field})) if exists $pagestate{$page}{meta}{$field} && $template->query(name => $field); }