diff options
author | joshtriplett <joshtriplett@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> | 2007-04-06 05:38:02 +0000 |
---|---|---|
committer | joshtriplett <joshtriplett@0fa5a96a-9a0e-0410-b3b2-a0fd24251071> | 2007-04-06 05:38:02 +0000 |
commit | 17fa98396cb7d8b380bb821577532d30a38d5680 (patch) | |
tree | 81f6046da0dc560f538d3e5b62fe5f1af71faceb | |
parent | 2498753310ab26803bf899f7c1cb2b21aa313ab0 (diff) | |
download | ikiwiki-17fa98396cb7d8b380bb821577532d30a38d5680.tar ikiwiki-17fa98396cb7d8b380bb821577532d30a38d5680.tar.gz |
Add todo item for blocking external links.
-rw-r--r-- | doc/todo/block_external_links.mdwn | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/doc/todo/block_external_links.mdwn b/doc/todo/block_external_links.mdwn new file mode 100644 index 000000000..f62897a88 --- /dev/null +++ b/doc/todo/block_external_links.mdwn @@ -0,0 +1,14 @@ +I'd like the ability to block external links from anonymous users, or from +untrusted users. This could work by generating the HTML for the new page and +comparing it to the HTML for the old page, looking for any new <a> tags with +href values that didn't exist in the old page and don't start with the URL of +the wiki. Comparing the HTML, rather than the input, allows usage with +various types of input formats, and ensures that a template, shortcut, or some +new plugin will not bypass the filter. + +This would probably benefit from a whitelist of acceptable external URLs. + +This may actually form a subset of the general concept of content policies, +described at [[todo/fileupload]]. + +--[[JoshTriplett]] |