X-Git-Url: https://sipb.mit.edu/gitweb.cgi/ikiwiki.git/blobdiff_plain/d7e0c035e55e8b47a9ea7e993c9332a7ce9930e1..d20e24b636c512fb47b2ca42a0677a3bab4d3fcb:/IkiWiki/Plugin/htmlscrubber.pm diff --git a/IkiWiki/Plugin/htmlscrubber.pm b/IkiWiki/Plugin/htmlscrubber.pm index 25caa8a50..8136bdadc 100644 --- a/IkiWiki/Plugin/htmlscrubber.pm +++ b/IkiWiki/Plugin/htmlscrubber.pm @@ -29,16 +29,15 @@ sub scrubber { #{{{ "ldap", "mid", "news", "nfs", "nntp", "pop", "pres", "sip", "sips", "snmp", "tel", "urn", "wais", "xmpp", "z39.50r", "z39.50s", - # data is a special case. Allow data:text/, but - # disallow data:text/javascript and everything else. - qr/data:text\/(?:png|gif|jpeg)/, # Selected unofficial schemes - "about", "aim", "callto", "cvs", "ed2k", "feed", "fish", "gg", + "aim", "callto", "cvs", "ed2k", "feed", "fish", "gg", "irc", "ircs", "lastfm", "ldaps", "magnet", "mms", "msnim", "notes", "rsync", "secondlife", "skype", "ssh", "sftp", "sms", "steam", "webcal", "ymsgr", ); - my $link=qr/^(?:$uri_schemes:|[^:]+$)/i; + # data is a special case. Allow data:image/*, but + # disallow data:text/javascript and everything else. + my $link=qr/^(?:(?:$uri_schemes):|data:image\/|[^:]+$)/i; eval q{use HTML::Scrubber}; error($@) if $@; @@ -59,15 +58,15 @@ sub scrubber { #{{{ map { $_ => 1 } qw{ abbr accept accept-charset accesskey align alt axis border cellpadding cellspacing - char charoff charset checked cite class + char charoff charset checked class clear cols colspan color compact coords datetime dir disabled enctype for frame headers height hreflang hspace id ismap - label lang longdesc maxlength media method + label lang maxlength media method multiple name nohref noshade nowrap prompt readonly rel rev rows rowspan rules scope selected shape size span start summary - tabindex target title type usemap valign + tabindex target title type valign value vspace width autoplay loopstart loopend end playcount controls @@ -76,7 +75,10 @@ sub scrubber { #{{{ href => $link, src => $link, action => $link, + cite => $link, + longdesc => $link, poster => $link, + usemap => $link, }], ); return $_scrubber;