Merge branch 'master' of ssh://git.ikiwiki.info/srv/git/ikiwiki.info

[ikiwiki.git] / IkiWiki / Plugin / htmlscrubber.pm

diff --git a/IkiWiki/Plugin/htmlscrubber.pm b/IkiWiki/Plugin/htmlscrubber.pm
index 505a6f14293c7a35c4e2846e8ca0964dc0822066..927792f791f2160232671e1327db2a379a496e9d 100644 (file)
--- a/IkiWiki/Plugin/htmlscrubber.pm
+++ b/IkiWiki/Plugin/htmlscrubber.pm
@@ -32,7 +32,7 @@ sub import {
        );
        # data is a special case. Allow a few data:image/ types,
        # but disallow data:text/javascript and everything else.
        );
        # data is a special case. Allow a few data:image/ types,
        # but disallow data:text/javascript and everything else.

-       $safe_url_regexp=qr/^(?:(?:$uri_schemes):|data:image\/(?:png|jpeg|gif)|[^:]+(?:$|[\/\?]))/i;
+       $safe_url_regexp=qr/^(?:(?:$uri_schemes):|data:image\/(?:png|jpeg|gif)|[^:]+(?:$|[\/\?#]))|^#/i;

 }
 
 sub getsetup () {
 }
 
 sub getsetup () {


@@ -107,7 +107,7 @@ sub scrubber {
                                placeholder min max step low high optimum
                                form required autocomplete novalidate pattern
                                list formenctype formmethod formnovalidate
                                placeholder min max step low high optimum
                                form required autocomplete novalidate pattern
                                list formenctype formmethod formnovalidate

-                               formtarget reversed spellcheck open
+                               formtarget reversed spellcheck open hidden

                        } ),
                        "/" => 1, # emit proper <hr /> XHTML
                        href => $safe_url_regexp,
                        } ),
                        "/" => 1, # emit proper <hr /> XHTML
                        href => $safe_url_regexp,