path: root/IkiWiki/Plugin/htmlscrubber.pm
Commit message (Author, Age)
* htmlscrubber: Add support for the video tag's loop and muted attributes. (Joey Hess, 2017-07-11)
  Those were not in the original html5 spec, but have been added in the whatwg html living standard and have wide browser support.
  This commit was sponsored by John Peloquin on Patreon.
* htmlscrubber: Allow the URI schemes of major VCS's. (Joey Hess, 2013-01-05)
* htmlscrubber: Allow the bitcoin URI scheme. (Joey Hess, 2012-12-22)
* Fix htmlscrubber_skip to be matched on the source page, not the page it is inlined into. Should allow setting to "* and !comment(*)" to scrub comments, but leave your blog posts unscrubbed, etc. (Joey Hess, 2010-11-12)
* htmlscrubber: Do not scrub url anchors that contain colons. (Joey Hess, 2010-08-19)
* enable hidden attribute (Joey Hess, 2010-05-01)
* htmlscrubber: Also allow some other html5 tags: canvas, progress, meter, ruby, rt, rp, details, summary. (Joey Hess, 2010-05-01)
* more html5 attributes (Joey Hess, 2010-05-01)
* add rest of html5 form attributes (Joey Hess, 2010-05-01)
  It's easy to imagine pattern being used to freeze or crash browsers, if they implement it stupidly. Let's hope not..
* add figure and figcaption (Joey Hess, 2010-05-01)
* htmlscrubber: Allow the html5 form attributes: placeholder autofocus, min, max, step. (Joey Hess, 2010-05-01)
* htmlscrubber: Allow the placeholder attribute. (Joey Hess, 2010-05-01)
* more html5 (Joey Hess, 2010-05-01)
  * htmlscrubber: Also allow html5 canvas tags.
  * htmlscrubber: Round out html5 video support with the preload attribute and the source tag.
* htmlscrubber: Allow html5 semantic tags: section nav article aside hgroup header footer time mark (Joey Hess, 2010-05-01)
* htmlscrubber: Allow colons in url fragments after '?' (Joey Hess, 2010-04-02)
  Colons are not allowed at the start of urls, because it can be interpreted as a protocol, and allowing arbitrary protocols can be unsafe (CVE-2008-0809). However, this check was too restrictive, not allowing use of eg, "video.ogv?t=0:03:00/0:04:00" to seek to a given place in a video, or "somecgi?foo=bar:baz" to pass parameters with colons.
  It's still not allowed to have a filename with a colon in it (ie "foo:bar.png") -- to link to such a file, a fully qualified url must be used.
* htmlscrubber: Security fix: In data:image/* uris, only allow a few whitelisted image types. No svg. (Joey Hess, 2010-03-12)
* Group related plugins into sections in the setup file, and drop unused rcs plugins from the setup file. (Joey Hess, 2010-02-11)
* finalise version 3.00 of the plugin api (Joey Hess, 2008-12-23)
* Coding style change: Remove explicit vim folding markers. (Joey Hess, 2008-12-17)
* htmlscrubber: Add a config setting that can be used to disable the scrubber acting on a set of pages. (Joey Hess, 2008-09-26)
* add plugin safe/rebuild info (part 1 of 2) (Joey Hess, 2008-08-03)
  too many plugins.. brain exploding..
* Allow colons in URLs after the first slash (Adeodato Simó, 2008-02-29)
  A new regexp fixes this bug: http://ikiwiki.info/bugs/No_link_for_blog_items_when_filename_contains_a_colon/
  I traced this down to htmlscrubber. If disabled, it works. If enabled, then $safe_url_regexp determines the URL unsafe because of the colon and hence removes the src attribute.
  Digging into this, I find that RFC 3986 pretty much discourages colons in filenames:
  """ A path segment that contains a colon character (e.g., "this:that") cannot be used as the first segment of a relative-path reference, as it would be mistaken for a scheme name. Such a segment must be preceded by a dot-segment (e.g., "./this:that") to make a relative-path reference. """
  on the other hand, with usedirs, any link to another page will be prepended by ../ anyway, so that makes them okay again. The solution still seems not to use colons.
  In any case, htmlscrubber should get a new regexp, courtesy of dato. I have tested and verified this.
  Signed-off-by: martin f. krafft <madduck@madduck.net>
* use quotemeta when building the regexp (Joey Hess, 2008-02-10)
* Allow the smb: URI scheme. (Josh Triplett, 2008-02-10)
* Allow the snews: URI scheme. (Josh Triplett, 2008-02-10)
* Do not allow the steam: URI scheme. (Josh Triplett, 2008-02-10)
* Match literal '.' in URI schemas containing '.', rather than matching any character (Josh Triplett, 2008-02-10)
* export $safe_url_regexp (Joey Hess, 2008-02-10)
* Also filter the attributes cite, longdesc, and usemap, which can contain URIs (Josh Triplett, 2008-02-10)
* add parens around scheme regexp (Joey Hess, 2008-02-10)
* Do not allow the about: URI scheme (Josh Triplett, 2008-02-10)
  Some browsers interpret about: URIs like a limited version of data: URIs. In particular, some versions of Internet Explorer interpret arbitrary HTML content in about: URIs.
* fix data:image handling (Joey Hess, 2008-02-10)
* * htmlscrubber security fix: Block javascript in uris. (Joey Hess, 2008-02-10)
  * Add htmlscrubber test suite.
* * htmlscrubber: Further work around #365971 by adding tags for 'br/', 'hr/' and 'p/'. (Joey Hess, 2008-01-07)
* * Allow html5 video and audio tags and their attributes in the htmlscrubber. (Joey Hess, 2007-11-18)
* on second thought, simple alphanumeric styles are not actually useful (class is already supported), and anything more complex is too hard to do, so revert (joey, 2007-07-11)
* * Allow simple alphanumeric style attribute values in the htmlscrubber. This should be safe from javascript attacks. (joey, 2007-07-11)
* * pagespec_match() has changed to take named parameters, to better allow for extended pagespecs. The old calling convention will still work for back-compat for now. (joey, 2007-04-27)
  * The calling convention for functions in the IkiWiki::PageSpec namespace has changed so they are passed named parameters.
  * Plugin interface version increased to 2.00 since I don't anticipate any more interface changes before 2.0.
* * Make sure to check for errors from every eval. (joey, 2006-11-08)
* * Work on firming up the plugin interface: (joey, 2006-09-09)
    - Plugins should not need to load IkiWiki::Render to get commonly used functions, so moved some functions from there to IkiWiki.
    - Picked out the set of functions and variables that most plugins use, documented them, and made IkiWiki export them by default, like a proper perl module should.
    - Use the other functions at your own risk.
    - This is not quite complete, I still have to decide whether to export some other things.
  * Changed all plugins included in ikiwiki to not use "IkiWiki::" when referring to stuff now exported by the IkiWiki module.
  * Anyone with a third-party ikiwiki plugin is strongly encouraged to make like changes to it and avoid use of non-exported symbols from "IkiWiki::".
  * Link debian/changelog and debian/news to NEWS and CHANGELOG.
  * Support hyperestradier version 1.4.2, which adds a new required phraseform setting.
* * Change htmlize, format, and sanitize hooks to use named parameters. (joey, 2006-08-28)
* * Tell HTML::Scrubber to treat "/" as a valid attribute which is its very strange way of enabling proper XHTML <br /> type tags. Output html should be always valid again now. (joey, 2006-05-25)
* * Removed --sanitize and --no-sanitize, replaced with --plugin htmlscrubber and --disable-plugin htmlscrubber. (joey, 2006-05-05)