From c852203be808131ce5f9bbc376b04e76e3e82c8d Mon Sep 17 00:00:00 2001
From: intrigeri <intrigeri@boum.org>
Date: Wed, 15 Oct 2008 05:36:24 +0200
Subject: [PATCH] po plugin: todo++ more security checks needed

... when creating new files.

Signed-off-by: intrigeri <intrigeri@boum.org>
---
 doc/plugins/po.mdwn | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/doc/plugins/po.mdwn b/doc/plugins/po.mdwn
index ab7fcb725..717685df3 100644
--- a/doc/plugins/po.mdwn
+++ b/doc/plugins/po.mdwn
@@ -203,9 +203,12 @@ has just been declared as being translatable:
 - all the needed POT and PO files are be created
 - **FIXME** the PO files must be checked into version control
 
-**FIXME** `refreshpofiles` uses `system()`, whose args have to be
-checked more thoroughly to prevent any security issue (command
-injection, etc.).
+Security checks:
+
+- `refreshpofiles` uses `system()`, whose args have to be checked more
+  thoroughly to prevent any security issue (command injection, etc.).
+- `refreshpofiles` and `refreshpot` create new files; this may need
+  some checks, e.g. using `IkiWiki::prep_writefile()`
 
 Translation quality assurance
 -----------------------------
-- 
2.44.0