6.75.0
Summary: Sanitization of HTML uploads
Release Date: Mon, March 12, 2018 at 3:00 PM UTC
Release Author: Henrik Levkowetz
During the last few IETF meetings, there have been a few cases of agenda and
minutes uploads that have not worked well, for various reasons. Some have
unintentionally used frames, and failed to include the frame contents; some
have used iframes, which pulls the actual content from elsewhere, which
means it won't actually be saved on the IETF servers and archived. There
has also been issues relating to styling and use of javascript. This shows,
of course, that malicious uploads (even if unintentional) are possible.
Considering this, it seems that a good and general approach would be to do
what is often called sanitization
of uploaded html content. (Uploaded
text/plain and markdown documents won't be affected).
This release introduces such sanitization.
The cost of this is that if you upload agendas and minutes in HTML format,
you will need to check the results after upload, to make sure that the
agenda and minutes still captures your intent after the sanitization.
Additionally, there are, as usual, some other features and bugfixes:
-
Added sanitization of uploaded html content for session agendas and
minutes, and did some refactoring of the upload form classes. -
Replaced html sanitization code that called html5lib directly with calls
to bleach, and upgraded the requirements to let us use the latest html5lib
and bleach. -
Modified the sanitizer and upload handler to strip not only the tags, but
tags.
also the content of some tags, and to produce valid files (if the content
is otherwise valid) by wrapping the content in appropriate and -
If there are both WG milestone changes and a deletion marked for a
specific milesone, show bothChanged
andDeleted
labels on the
milestone review form. -
Changed the handling of the milestone edit form to defer deletion if it is
requested together with other changes to the same milestone. Instead show
a warning, and ask that deletion be done without simultaneous changes to
the milestone. -
Django's urlize filter does not deal well with adjacent parantheses.
Replaced it with a filter based on bleach.linkify, which does better, and
also replaced the use of the urlize() function with bleach.linkify(), to
avoid some exceptions caused by malformed urlize output, exposed by the
new sanitize_html(). -
Removed some dead code.
-
Made some per-group and per-session iCalendar links show only if
occurring in the future. -
Added individual session icalendar links on the group materials pages.
-
Added an error message for missing email address in extracted author
information during automated draft submission. -
Included mailing lists for groups in state
bof
on the non-WG mailing
list page, as that seems to match people's expectations better. Thiw was
triggered by the observation that theiasa20
list was not listed on the
page. -
Limited the lenght of the ipr document summary to 128, in order to not
produce overlong message subjects. Fixes a server 500 from 5 Mar 2018. -
The datatracker /html/ URLs don't currently accept revision numbers.
Fixed the URL in the announcement email for the time being. -
Fixed a typo. Fixes issue #2466.
Coverage