sipb.mit.edu Git - ikiwiki.git/commit
comments: sanitize the body of each comment before posting it
author Simon McVittie <smcv@ http://smcv.pseudorandom.co.uk/>
Tue, 18 Nov 2008 10:29:16 +0000 (10:29 +0000)
committer Simon McVittie <smcv@ http://smcv.pseudorandom.co.uk/>
Thu, 11 Dec 2008 21:14:03 +0000 (21:14 +0000)
commit ebe140201ed53ee4f8cf5998c69e20d5fef2ad16
tree 9efb1bef4eb2bbb347c7c890390aa7343165f258
parent 57e40b9ce5345530f31f4d1b25a49ed18228a8dd
comments: sanitize the body of each comment before posting it

This should ensure that users can't "break out" from the enclosing
<div>, making it impossible to forge comments (assuming htmlscrubber
is enabled, and so is either htmlbalance or htmltidy).
IkiWiki/Plugin/comments.pm
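
The break-out that the commit message describes, shown as an added example in Python (not ikiwiki's Perl code and not part of this commit). `Balancer` is a simplified stand-in for a tag balancer such as htmlbalance or htmltidy; the sample body, the helper names and the `class="comment"` wrapper are assumptions made for illustration.

```python
from html import escape
from html.parser import HTMLParser

VOID = {"br", "hr", "img"}  # elements that never take a closing tag
# Constructed input: tries to close the wrapper and open a fake comment.
FORGED = 'first</div><div class="comment">second, apparently by someone else'

class Balancer(HTMLParser):
    """Stand-in balancer: output closes only what it opened, and all of it."""
    def __init__(self):
        super().__init__()
        self.out, self.stack = [], []
    def handle_starttag(self, tag, attrs):
        self.out.append(f"<{tag}>")  # attributes dropped to keep this short
        if tag not in VOID:
            self.stack.append(tag)
    def handle_endtag(self, tag):
        if tag in self.stack:  # a stray close tag would end the enclosing <div>
            while self.stack:  # close inner elements first
                self.out.append(f"</{self.stack[-1]}>")
                if self.stack.pop() == tag:
                    break
    def handle_data(self, data):
        self.out.append(escape(data, quote=False))

class Roots(HTMLParser):
    """Counts top-level elements: each one renders as a separate comment."""
    depth = roots = 0
    def handle_starttag(self, tag, attrs):
        if tag not in VOID:
            self.roots += self.depth == 0
            self.depth += 1
    def handle_endtag(self, tag):
        if tag not in VOID:
            self.depth = max(0, self.depth - 1)

def _run(parser, text):
    parser.feed(text)
    parser.close()
    return parser

def balance(fragment):
    b = _run(Balancer(), fragment)
    # Close anything the fragment left open so it cannot swallow later markup.
    return "".join(b.out) + "".join(f"</{t}>" for t in reversed(b.stack))

def render_comment(body, sanitize=True):
    return '<div class="comment">%s</div>' % (balance(body) if sanitize else body)

def top_level_elements(page):
    return _run(Roots(), page).roots
```

Balancing only keeps the body inside its wrapper; removing scripts and unsafe attributes is a separate job, which is why the commit message names htmlscrubber as well.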