Skip to content

Consider disabling the htmlscrubber ikiwiki plugin

This plugin is meant to prevent insertion of dangerous HTML tags in the ikiwiki source code. It strips CSS, and JavaScript tags by default. See http://ikiwiki.info/plugins/htmlscrubber/.

Currently on tails.boum.org it seems like we have the htmlscrubber ikiwiki plugin enabled as https://tails.boum.org/blueprint/bootstrapping/assistant/windows/ doesn’t obey the `[[!meta stylesheet=]]` directive in its source code.

We currently have one exception (`htmlscrubber_skip: ‘!/misc/unsafe_browser_warning’`) but we will soon need more:

  • On the download page due to #8642 (closed)
  • On all the page of the Installation Assistant to add extra CSS
  • On the page of the ISO verification extension to have the JavaScript for browser detection

So, since in our case all the ikiwiki source code is written directly by us and reviewed, I think it would make sense to disable htmlscrubber all the way.

Related issues

Original created by @sajolida on 10299 (Redmine)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information