Skip to content

Security

Jérémie Astori edited this page Jul 11, 2016 · 4 revisions

CUSTOM CSS/JS & MATHJAX CONFIG

Don't enable these options unless you trust every user who has the ability to edit the Wiki. A better solution with more security is being tracked in #665.

PAGE SANITIZATION

Gollum uses the Sanitize gem to filter out any potentially insecure HTML.

Default settings

Allowed HTML tags

a, abbr, acronym, address, area, b, big, blockquote, br, button, caption, center, cite, code, col, colgroup, dd, del, dfn, dir, div, dl, dt, em, fieldset, font, form, h1, h2, h3, h4, h5, h6, hr, i, img, input, ins, kbd, label, legend, li, map, menu, ol, optgroup, option, p, pre, q, s, samp, select, small, span, strike, strong, sub, sup, table, tbody, td, textarea, tfoot, th, thead, tr, tt, u, ul, var

Allowed HTML attributes

a href, abbr, accept, accept-charset, accesskey, action, align, alt, axis, border, cellpadding, cellspacing, char, charoff, class, charset, checked, cite, clear, cols, colspan, color, compact, coords, datetime, dir, disabled, enctype, for, frame, headers, height, hreflang, hspace, id, img src, ismap, label, lang, longdesc, maxlength, media, method, multiple, name, nohref, noshade, nowrap, prompt, readonly, rel, rev, rows, rowspan, rules, scope, selected, shape, size, span, start, summary, tabindex, target, title, type, usemap, valign, value, vspace, width

Allowed URL protocols

  • a href: http, https, mailto, ftp, irc, apt, :relative
  • img src: http, https, :relative
  • form action: http, https, :relative

Customization

To customize these settings, edit your config.rb file along the following lines (be sure to run gollum with the --config option):

sanitizer = Gollum::Sanitization.new
sanitizer.protocols['a']['href'].concat ['ssh', 'vnc'] # Protocols
sanitizer.elements.concat ['customtag1', 'customtag2'] # Tags
sanitizer.attributes['a'].push 'target' # Attributes
Precious::App.set(:wiki_options, {sanitization: sanitizer})
You can’t perform that action at this time.