diff options
-rw-r--r-- | doc/plugins/htmlscrubber.mdwn | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/doc/plugins/htmlscrubber.mdwn b/doc/plugins/htmlscrubber.mdwn index 3ce40d991..31f2d0c02 100644 --- a/doc/plugins/htmlscrubber.mdwn +++ b/doc/plugins/htmlscrubber.mdwn @@ -6,7 +6,8 @@ to avoid XSS attacks and the like. It excludes all html tags and attributes except for those that are whitelisted using the same lists as used by Mark Pilgrim's Universal Feed -Parser, documented at <http://feedparser.org/docs/html-sanitization.html>. +Parser, documented at <http://feedparser.org/docs/html-sanitization.html> +(dead link 2011.10.31). Notably it strips `style` and `link` tags, and the `style` attribute. All attributes that can be used to specify an url are checked to make sure |