
Configuration Ideas

Here are some theoretical configuration ideas that we could implement some
time. Note the naming convention: %Namespace.Directive. If you want one
implemented, give us a ring, and we'll move it up the priority chain.

%Attr.RewriteFragments - if there's %Attr.IDPrefix we may want to transparently
    rewrite the URLs we parse too. However, we can only do it when it's a pure
    anchor link, so it's not foolproof

%Attr.ClassBlacklist,
%Attr.ClassWhitelist,
%Attr.ClassPolicy - determines what classes are allowed. When
    %Attr.ClassPolicy is set to Blacklist, only allow those not in
    %Attr.ClassBlacklist. When it's Whitelist, only allow those in
    %Attr.ClassWhitelist.

%Attr.MaxWidth,
%Attr.MaxHeight - caps for width and height related checks.
    (the hack in Pixels for an image crashing attack could be replaced by this)

%URI.AddRelNofollow - will add rel="nofollow" to all links, preventing the
    spread of ill-gotten pagerank

%URI.HostBlacklistRegex - regexes that, if they match the host, cause it to be
    disallowed

%URI.HostWhitelist - domain names that are excluded from the host blacklist

%URI.HostPolicy - determines whether to reject all hosts and then whitelist,
    or allow all hosts and then apply specific blacklists, with the whitelist
    intervening. 'DenyAll' or 'AllowAll' (default)

%URI.DisableIPHosts - URIs that have IP addresses for hosts are disallowed.
    Be sure to also grab unusual encodings (dword, hex and octal), which may
    currently be caught by regular DNS

%URI.DisableIDN - Disallow raw internationalized domain names. Punycode
    will still be permitted.

%URI.ConvertUnusualIPHosts - transform dword/hex/octal IP addresses to the
    regular form

%URI.ConvertAbsoluteDNS - Remove extra dots after host names that trigger
    absolute DNS. While this is actually the preferred method according to
    the RFC, most people opt to use a relative domain name relative to . (root).
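
The check that %URI.DisableIPHosts and %URI.ConvertUnusualIPHosts would both need, as an added sketch that is not HTML Purifier code: it recognises dword, hex and octal IPv4 hosts, including mixed and shortened forms that go beyond the three named above, and returns the regular dotted form. The function name normalize_ip_host is hypothetical, 64-bit PHP is assumed, and the sample hosts are constructed.

```php
<?php
declare(strict_types=1);

// Hypothetical helper, not an HTML Purifier API. Assumes 64-bit PHP.
// Returns the dotted-decimal form of an IPv4 host written in any
// inet_aton-style encoding, or null when the host is not an IPv4 literal.
function normalize_ip_host(string $host): ?string
{
    // A single trailing dot (absolute DNS form) does not change the address.
    if (substr($host, -1) === '.') {
        $host = substr($host, 0, -1);
    }
    $parts = explode('.', $host);
    if (count($parts) > 4) {
        return null;
    }
    $values = [];
    foreach ($parts as $part) {
        // Digit counts are bounded so every value fits in a PHP integer.
        if (preg_match('/^0[xX]([0-9a-fA-F]{1,8})\z/', $part, $m)) {
            $values[] = (int) hexdec($m[1]);      // hex: 0xC0
        } elseif (preg_match('/^0[0-7]{0,11}\z/', $part)) {
            $values[] = (int) octdec($part);      // octal: 0300
        } elseif (preg_match('/^[1-9][0-9]{0,9}\z/', $part)) {
            $values[] = (int) $part;              // decimal, incl. dword
        } else {
            return null;                          // a DNS name, not a number
        }
    }
    // The last part fills all remaining bytes; earlier parts are one byte.
    $last = array_pop($values);
    if ($last > 256 ** (4 - count($values)) - 1) {
        return null;
    }
    $addr = $last;
    foreach ($values as $i => $v) {
        if ($v > 255) {
            return null;
        }
        $addr += $v << (8 * (3 - $i));
    }
    return long2ip($addr);
}

// Constructed sample hosts: encodings of 192.0.2.1 plus one real name.
$samples = ['192.0.2.1', '3221225985', '0xC0000201', '0300.0.2.1', '0xC0.513', 'example.com'];
foreach ($samples as $host) {
    $ip = normalize_ip_host($host);
    echo str_pad($host, 12), ' => ', $ip ?? 'not an IP host', PHP_EOL;
}
```

A non-null result is what %URI.DisableIPHosts would reject and what %URI.ConvertUnusualIPHosts would write back into the URI; host blacklist regexes should be matched against the normalised form.
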
vim: et sw=4 sts=4