}
# The untaint is OK (as in editpage) because we're about to pass
- # it to file_pruned anyway
- my $page = $form->field('page');
+ # it to file_pruned and wiki_file_regexp anyway.
+ my $page = $form->field('page')=~/$config{wiki_file_regexp}/;
$page = IkiWiki::possibly_foolish_untaint($page);
if (! defined $page || ! length $page ||
IkiWiki::file_pruned($page)) {
+ikiwiki (3.20100815.5) testing; urgency=low
+
+ * comments: Fix XSS security hole due to missing validation of page name.
+ CVE-2011-0428 (Thanks, Dave B.)
+
+ -- Joey Hess <joeyh@debian.org> Sat, 22 Jan 2011 11:02:59 -0400
+
ikiwiki (3.20100815.4) testing; urgency=low
* meta: Fix calling of htmlscrubber to pass the page parameter.