return length $config{userdir} ? "$config{userdir}/$user" : $user;
}
+# Username to display for openid accounts.
sub openiduser ($) {
my $user=shift;
return;
}
+# Username to display for emailauth accounts.
sub emailuser ($) {
my $user=shift;
if (defined $user && $user =~ m/(.+)@/) {
return;
}
+# Some user information should not be exposed in commit metadata, etc.
+# This generates a cloaked form of such information.
+sub cloak ($) {
+ my $user=shift;
+ # cloak email address using http://xmlns.com/foaf/spec/#term_mbox_sha1sum
+ if ($user=~m/(.+)@/) {
+ my $nick=$1;
+ eval q{use Digest::SHA};
+ return $user if $@;
+ return $nick.'@'.Digest::SHA::sha1_hex("mailto:$user");
+ }
+ else {
+ return $user;
+ }
+}
+
sub htmlize ($$$$) {
my $page=shift;
my $destpage=shift;
my $banned=0;
my $name=$session->param("name");
+ my $cloak=cloak($name) if defined $name;
if (defined $name &&
- grep { $name eq $_ } @{$config{banned_users}}) {
+ grep { $name eq $_ || $cloak eq $_ } @{$config{banned_users}}) {
$banned=1;
}
foreach my $b (@{$config{banned_users}}) {
if (pagespec_match("", $b,
ip => $session->remote_addr(),
- name => defined $name ? $name : "",
- )) {
+ name => defined $name ? $name : "")
+ || pagespec_match("", $b,
+ ip => cloak($session->remote_addr()),
+ name => defined $cloak ? $cloak : "")) {
$banned=1;
last;
}
my $ipaddr=$session->remote_addr();
if (defined $user) {
- return IkiWiki::possibly_foolish_untaint($user);
+ return IkiWiki::possibly_foolish_untaint(IkiWiki::cloak($user));
}
elsif (defined $ipaddr) {
- return "Anonymous from ".IkiWiki::possibly_foolish_untaint($ipaddr);
+ return "Anonymous from ".IkiWiki::possibly_foolish_untaint(IkiWiki::cloak($ipaddr));
}
else {
return "Anonymous";
my $content = "[[!comment format=$type\n";
if (defined $session->param('name')) {
- my $username = $session->param('name');
+ my $username = IkiWiki::cloak($session->param('name'));
$username =~ s/"/"/g;
$content .= " username=\"$username\"\n";
}
if (!(defined $session->param('name') || defined $session->param('nickname')) &&
defined $session->remote_addr()) {
- $content .= " ip=\"".$session->remote_addr()."\"\n";
+ $content .= " ip=\"".IkiWiki::cloak($session->remote_addr())."\"\n";
}
if ($config{comments_allowauthor}) {
if (defined $params{session}) {
if (defined $params{session}->param("name")) {
return "web commit by ".
- $params{session}->param("name").
+ IkiWiki::cloak($params{session}->param("name")).
(length $params{message} ? ": $params{message}" : "");
}
elsif (defined $params{session}->remote_addr()) {
return "web commit from ".
- $params{session}->remote_addr().
+ IkiWiki::cloak($params{session}->remote_addr()).
(length $params{message} ? ": $params{message}" : "");
}
}
my $author="anon\@web";
if (defined $params{session}) {
if (defined $params{session}->param("name")) {
- return $params{session}->param("name").'@web';
+ return IkiWiki::cloak($params{session}->param("name")).'@web';
}
elsif (defined $params{session}->remote_addr()) {
- return $params{session}->remote_addr().'@web';
+ return IkiWiki::cloak($params{session}->remote_addr()).'@web';
}
}
return 'anon@web';
$u=$params{session}->remote_addr();
}
if (defined $u) {
- $u=encode_utf8($u);
+ $u=encode_utf8(IkiWiki::cloak($u));
$ENV{GIT_AUTHOR_NAME}=$u;
}
if (defined $params{session}->param("nickname")) {
my $user="Anonymous";
if (defined $params{session}) {
if (defined $params{session}->param("name")) {
- $user = $params{session}->param("name");
+ $user = IkiWiki::cloak($params{session}->param("name"));
}
elsif (defined $params{session}->remote_addr()) {
- $user = $params{session}->remote_addr();
+ $user = IkiWiki::cloak($params{session}->remote_addr());
}
my $nickname=$user;
if (defined $params{session}) {
if (defined $params{session}->param("name")) {
- return "Web user: " . $params{session}->param("name");
+ return "Web user: " . IkiWiki::cloak($params{session}->param("name"));
}
elsif (defined $params{session}->remote_addr()) {
- return "Web IP: " . $params{session}->remote_addr();
+ return "Web IP: " . IkiWiki::cloak($params{session}->remote_addr());
}
}
return "Web: Anonymous";
if (defined $params{session}) {
if (defined $params{session}->param("name")) {
return "web commit by ".
- $params{session}->param("name").
+ IkiWiki::cloak($params{session}->param("name")).
(length $params{message} ? ": $params{message}" : "");
}
elsif (defined $params{session}->remote_addr()) {
return "web commit from ".
- $params{session}->remote_addr().
+ IkiWiki::cloak($params{session}->remote_addr()).
(length $params{message} ? ": $params{message}" : "");
}
}
if (defined $params{session}) {
if (defined $params{session}->param("name")) {
$message="web commit by ".
- $params{session}->param("name").
+ IkiWiki::cloak($params{session}->param("name")).
(length $message ? ": $message" : "");
}
elsif (defined $params{session}->remote_addr()) {
$message="web commit from ".
- $params{session}->remote_addr().
+ IkiWiki::cloak($params{session}->remote_addr()).
(length $message ? ": $message" : "");
}
}
If a banned user attempts to use the ikiwiki CGI, they will receive a 403
Forbidden webpage indicating they are banned.
+
+Note that when [[plugins/emailauth]] is used, the user's email address
+is displayed in cloaked form in commits of their edits. This cloaked email
+address can be used as-is in the `banned_users` setting.
Users who have logged in using emailauth will have their email address used as
their username. In places where the username is displayed, like the
RecentChanges page, the domain will be omitted, to avoid exposing the
-user's email address. Note though that the email address will be visible
-when looking at eg, commits in the git repository.
+user's email address. In places where the full username needs to be put,
+like commits of changes, the email address is cloaked using
+<a href="http://xmlns.com/foaf/spec/#term_mbox_sha1sum">the
+foaf:mbox_sha1sum spec</a>.
This plugin needs the [[!cpan Mail::SendMail]] perl module installed,
and able to send outgoing email.
>>> from `smcv <smcv@debian.org>` - if the hash is of `mailto:whatever`
>>> (like my example one) then it's compatible with
>>> [FOAF](http://xmlns.com/foaf/spec/#term_mbox_sha1sum).
->>> --[[smcv]]
+>>> --[[smcv]]a
+
+>>> Email addresses are now cloaked in commits, using foaf:mbox_sha1sum. --[[Joey]]