1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
#!/usr/bin/perl
package IkiWiki::Plugin::htmlscrubber;
use warnings;
use strict;
use IkiWiki 3.00;
# This regexp matches urls that are in a known safe scheme.
# Feel free to use it from other plugins.
our $safe_url_regexp;
sub import {
hook(type => "getsetup", id => "htmlscrubber", call => \&getsetup);
hook(type => "sanitize", id => "htmlscrubber", call => \&sanitize);
# Only known uri schemes are allowed to avoid all the ways of
# embedding javascrpt.
# List at http://en.wikipedia.org/wiki/URI_scheme
my $uri_schemes=join("|", map quotemeta,
# IANA registered schemes
"http", "https", "ftp", "mailto", "file", "telnet", "gopher",
"aaa", "aaas", "acap", "cap", "cid", "crid",
"dav", "dict", "dns", "fax", "go", "h323", "im", "imap",
"ldap", "mid", "news", "nfs", "nntp", "pop", "pres",
"sip", "sips", "snmp", "tel", "urn", "wais", "xmpp",
"z39.50r", "z39.50s",
# Selected unofficial schemes
"aim", "callto", "cvs", "ed2k", "feed", "fish", "gg",
"irc", "ircs", "lastfm", "ldaps", "magnet", "mms",
"msnim", "notes", "rsync", "secondlife", "skype", "ssh",
"sftp", "smb", "sms", "snews", "webcal", "ymsgr",
);
# data is a special case. Allow data:image/*, but
# disallow data:text/javascript and everything else.
$safe_url_regexp=qr/^(?:(?:$uri_schemes):|data:image\/|[^:]+(?:$|\/))/i;
}
sub getsetup () {
return
plugin => {
safe => 1,
rebuild => undef,
},
htmlscrubber_skip => {
type => "pagespec",
example => "!*/Discussion",
description => "PageSpec specifying pages not to scrub",
link => "ikiwiki/PageSpec",
safe => 1,
rebuild => undef,
},
}
sub sanitize (@) {
my %params=@_;
if (exists $config{htmlscrubber_skip} &&
length $config{htmlscrubber_skip} &&
exists $params{destpage} &&
pagespec_match($params{destpage}, $config{htmlscrubber_skip})) {
return $params{content};
}
return scrubber()->scrub($params{content});
}
my $_scrubber;
sub scrubber {
return $_scrubber if defined $_scrubber;
eval q{use HTML::Scrubber};
error($@) if $@;
# Lists based on http://feedparser.org/docs/html-sanitization.html
# With html 5 video and audio tags added.
$_scrubber = HTML::Scrubber->new(
allow => [qw{
a abbr acronym address area b big blockquote br br/
button caption center cite code col colgroup dd del
dfn dir div dl dt em fieldset font form h1 h2 h3 h4
h5 h6 hr hr/ i img input ins kbd label legend li map
menu ol optgroup option p p/ pre q s samp select small
span strike strong sub sup table tbody td textarea
tfoot th thead tr tt u ul var
video audio
}],
default => [undef, { (
map { $_ => 1 } qw{
abbr accept accept-charset accesskey
align alt axis border cellpadding cellspacing
char charoff charset checked class
clear cols colspan color compact coords
datetime dir disabled enctype for frame
headers height hreflang hspace id ismap
label lang maxlength media method
multiple name nohref noshade nowrap prompt
readonly rel rev rows rowspan rules scope
selected shape size span start summary
tabindex target title type valign
value vspace width
autoplay loopstart loopend end
playcount controls
} ),
"/" => 1, # emit proper <hr /> XHTML
href => $safe_url_regexp,
src => $safe_url_regexp,
action => $safe_url_regexp,
cite => $safe_url_regexp,
longdesc => $safe_url_regexp,
poster => $safe_url_regexp,
usemap => $safe_url_regexp,
}],
);
return $_scrubber;
}
1
|