releasing version 1.1

[ikiwiki.git] / doc / security.mdwn

diff --git a/doc/security.mdwn b/doc/security.mdwn
index 766b8bee4bd6a61ecb711fa579a011e692cf2b55..73d98a3ae5fcf88c1dbcbe4b0ba983f853ad54e8 100644 (file)
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -62,7 +62,7 @@ this wiki, BTW.
 
 ## page locking can be bypassed via direct svn commits
 
 
 ## page locking can be bypassed via direct svn commits
 

-A [[lock]]ed page can only be edited on the web by an admin, but
+A locked page can only be edited on the web by an admin, but

 anyone who is allowed to commit direct to svn can bypass this. This is by
 design, although a subversion pre-commit hook could be used to prevent
 editing of locked pages when using subversion, if you really need to.
 anyone who is allowed to commit direct to svn can bypass this. This is by
 design, although a subversion pre-commit hook could be used to prevent
 editing of locked pages when using subversion, if you really need to.


@@ -215,4 +215,5 @@ pages from source with some other extension.
 
 ## XSS attacks in page content
 
 
 ## XSS attacks in page content
 

-ikiwiki supports [[HtmlSanitization]], though it can be turned off.
+ikiwiki supports protecting users from their own broken browsers via the
+[[plugins/htmlscrubber]] plugin, which is enabled by default.