PerlDoc


internal package Foswiki::Plugins::SafeWikiPlugin::Signatures

Apart from the actual parsing of HTML, this is the workhorse of SafeWikiPlugin, and also the part that makes available some functions other plugins can use. These functions should be available whenever the context {SafeWikiSignable} is active.

This package reads signatures from LSC and the Signatures sibling directory, and has all the necessary functions to check script snippets against these signatures as well as any inline signatures. See the plugin topic for more details on how signatures work.

Another thing that happens in this package is zone processing. Internally, whenever we find a zone that matches one of our signatures, we take it out of the page and substitute a placeholder. Once parsing and filtering is complete, we re-insert the original zone content. This approach allows us to do some fancy things like expanding macros in the zone after filtering is complete, so that code can be dynamically generated to some extent. Once again, the details relevant for writing that kind of code are explained in the plugin topic.

You should never use any of the zone processing functions directly. Simply use the standard Foswiki::Func::addToZone; your zone contents will automatically be trusted. Because trusted zone content is taken out of the page before filtering and re-inserted afterwards, you have to be careful about what you add to zones.

trustedInlineCode($text) → $boolean

  • $text - JS snippet to check against signatures

Given a piece of inline JavaScript code, check that it is authorized either via a SHA256 signature provided by a plugin/admin or via an inline HMAC signature.
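
The two trust paths described above, as an added Perl example that is not SafeWikiPlugin's own code. The HMAC key, the `/*sig:...*/` inline tag format, the helper names and the sample snippets are assumptions made for the illustration; the plugin topic describes the formats the plugin really uses.

```perl
#!/usr/bin/env perl
# Added illustration; NOT SafeWikiPlugin's code. The key, the inline tag
# format and all helper names are assumptions made for this example.
use strict;
use warnings;
use Digest::SHA qw(sha256_hex hmac_sha256_hex);

my $HMAC_KEY = 'constructed-demo-key';    # assumption: a per-site secret

# Constructed allowlist: SHA-256 digests of snippets an admin/plugin approved.
my %SIGNED = map { ( sha256_hex($_) => 1 ) } ('toggleTwisty(this);');

# Compare two strings without stopping at the first mismatching byte.
sub ct_eq {
    my ( $x, $y ) = @_;
    return 0 if length($x) != length($y);
    my $diff = 0;
    $diff |= ord( substr( $x, $_, 1 ) ) ^ ord( substr( $y, $_, 1 ) )
      for 0 .. length($x) - 1;
    return $diff == 0 ? 1 : 0;
}

# Hypothetical inline tag: the snippet starts with /*sig:<64 hex chars>*/
sub sign_inline {
    my ($code) = @_;
    return '/*sig:' . hmac_sha256_hex( $code, $HMAC_KEY ) . '*/' . $code;
}

sub is_trusted {
    my ($text) = @_;
    return 1 if $SIGNED{ sha256_hex($text) };    # path 1: digest allowlist
    if ( $text =~ m{\A/\*sig:([0-9a-f]{64})\*/(.*)\z}s ) {    # path 2: HMAC
        my ( $tag, $body ) = ( $1, $2 );
        return ct_eq( $tag, hmac_sha256_hex( $body, $HMAC_KEY ) );
    }
    return 0;                                    # default deny
}

my $tagged = sign_inline('showPopup("help");');
( my $tampered = $tagged ) =~ s/help/changed/;
my @cases = (
    [ 'allowlisted digest'    => 'toggleTwisty(this);' ],
    [ 'valid inline HMAC'     => $tagged ],
    [ 'tag kept, body edited' => $tampered ],
    [ 'unsigned snippet'      => 'showPopup("help");' ],
    [ 'whitespace changed'    => 'toggleTwisty( this );' ],
);
printf "%-22s %s\n", $_->[0], is_trusted( $_->[1] ) ? 'trusted' : 'rejected'
  for @cases;
```

The last case shows why digest-based allowlisting is exact-match: any change to the snippet, even whitespace, needs a new signature.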

permitInlineCode($text)

  • $text - JS snippet to whitelist on the current view

Makes sure that the given piece of inline JavaScript code (handler or