From: Joey Hess
Date: Sun, 10 Feb 2008 23:31:18 +0000 (-0500)
Subject: Also filter the attributes cite, longdesc, and usemap, which can contain URIs
X-Git-Tag: 1.33.5~10
X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/commitdiff_plain/31accc9474dd5820dc0b0bce4a29802986f3a98a?ds=inline
Also filter the attributes cite, longdesc, and usemap, which can contain URIs
---
diff --git a/IkiWiki/Plugin/htmlscrubber.pm b/IkiWiki/Plugin/htmlscrubber.pm
index a8a37eafa..067d766f7 100644
--- a/IkiWiki/Plugin/htmlscrubber.pm
+++ b/IkiWiki/Plugin/htmlscrubber.pm
@@ -59,21 +59,24 @@ sub scrubber { #{{{
 default => [undef, { ( map { $_ => 1 } qw{ abbr accept accept-charset accesskey align alt axis border cellpadding cellspacing
- char charoff charset checked cite class
+ char charoff charset checked class
 clear cols colspan color compact coords datetime dir disabled enctype for frame headers height hreflang hspace id ismap
- label lang longdesc maxlength media method
+ label lang maxlength media method
 multiple name nohref noshade nowrap prompt readonly rel rev rows rowspan rules scope selected shape size span start summary
- tabindex target title type usemap valign
+ tabindex target title type valign
 value vspace width } ), "/" => 1, # emit proper
XHTML href => $safe_url_regexp, src => $safe_url_regexp, action => $safe_url_regexp,
+ cite => $safe_url_regexp,
+ longdesc => $safe_url_regexp,
+ usemap => $safe_url_regexp,
 }], ); return $_scrubber;
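Review bot: Nothing at the `href`/`src`/`action`/`cite`/`longdesc`/`usemap` entries records the rule this commit relies on, namely that an attribute able to hold a URI has to be matched against `$safe_url_regexp` and must never sit in the `qw{}` pass-through list, so the next attribute added to that list can reopen the same gap. I would add a comment above `href`: `# Any attribute that can carry a URI belongs here, checked against $safe_url_regexp, not in the qw{} list above.` `$safe_url_regexp` is defined outside this hunk, so it is worth confirming that it accepts fragment-only values, since `usemap` normally holds a reference of the form `#mapname` and legitimate image maps would otherwise be stripped. A test case covering the three newly filtered attributes would keep the filter from regressing. The body of `scrubber` starts before and ends after the hunk.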