xhtml.yaml: external image embedding

samizdat-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

xhtml.yaml: external image embedding - suggested patch

From:	boud
Subject:	xhtml.yaml: external image embedding - suggested patch
Date:	Thu, 8 Feb 2007 23:16:57 +0100 (CET)

hi samizdat-devel,

The following type of external image URL is *not* removed by our
present version of sanitise + xhtml.html, and it *is* interpreted by
many standard browsers as an external, http:// URL:

<img src="//www.debian.org/logos/openlogo-nd-50.png" />


The following patch works - it requires one of the first two letters
of the expression to be something which is not "/" - in other words,
"/content/..."  or "content/..." is accepted  but "//www..." is removed.

This came from a mir discussion, but on the non-public list, so i thought
it better not to forward the source of the discussion.

Does this sound reasonable?

cheers
boud



--- data/samizdat/xhtml.yaml    2006-12-04 17:31:30.000000000 +0100
+++ /usr/share/samizdat/xhtml.yaml      2007-02-08 22:54:10.828717856 +0100
@@ -90,8 +90,8 @@
 hr:
 html:
 i:
 img:
-  src: &path !ruby/regexp /\A[^:]+\z/i
+  src: &path !ruby/regexp /\A([^/].|.[^/])[^:]+\z/i
   alt: *cdata
   longdesc: *path
   width: *length

[Prev in Thread]

Current Thread

[Next in Thread]

xhtml.yaml: external image embedding - suggested patch, boud <=

Prev by Date: (en) (id) tidak ada usefulinc.com/rss/manifest
Next by Date: avoid non-ascii in ruby code files ? proposed patch to template.rb
Previous by thread: (en) (id) tidak ada usefulinc.com/rss/manifest
Next by thread: avoid non-ascii in ruby code files ? proposed patch to template.rb
Index(es):
- Date
- Thread