mirror of
https://tt-rss.org/git/tt-rss.git
synced 2024-06-29 12:20:51 +02:00
sanitize: simplify initial attribute processing
This commit is contained in:
parent
7d9dd51cf4
commit
e934e9f05e
|
@ -1264,7 +1264,7 @@
|
||||||
|
|
||||||
$rewrite_base_url = $site_url ? $site_url : get_self_url_prefix();
|
$rewrite_base_url = $site_url ? $site_url : get_self_url_prefix();
|
||||||
|
|
||||||
$entries = $xpath->query('(//a[@href]|//img[@src]|//video/source[@src]|//audio/source[@src]|//picture/source[@src]|//picture/source[@srcset])');
|
$entries = $xpath->query('(//a[@href]|//img[@src]|//source[@srcset|@src])');
|
||||||
|
|
||||||
foreach ($entries as $entry) {
|
foreach ($entries as $entry) {
|
||||||
|
|
||||||
|
@ -1273,11 +1273,12 @@
|
||||||
rewrite_relative_url($rewrite_base_url, $entry->getAttribute('href')));
|
rewrite_relative_url($rewrite_base_url, $entry->getAttribute('href')));
|
||||||
|
|
||||||
$entry->setAttribute('rel', 'noopener noreferrer');
|
$entry->setAttribute('rel', 'noopener noreferrer');
|
||||||
|
$entry->setAttribute("target", "_blank");
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($entry->hasAttribute('src')) {
|
if ($entry->hasAttribute('src')) {
|
||||||
$src = rewrite_relative_url($rewrite_base_url, $entry->getAttribute('src'));
|
$entry->setAttribute('src',
|
||||||
$entry->setAttribute('src', $src);
|
rewrite_relative_url($rewrite_base_url, $entry->getAttribute('src')));
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($entry->nodeName == 'img') {
|
if ($entry->nodeName == 'img') {
|
||||||
|
@ -1321,17 +1322,10 @@
|
||||||
$entry->parentNode->parentNode->replaceChild($p, $entry->parentNode);
|
$entry->parentNode->parentNode->replaceChild($p, $entry->parentNode);
|
||||||
|
|
||||||
} else if ($entry->nodeName == 'img') {
|
} else if ($entry->nodeName == 'img') {
|
||||||
|
|
||||||
if ($entry->parentNode)
|
if ($entry->parentNode)
|
||||||
$entry->parentNode->replaceChild($p, $entry);
|
$entry->parentNode->replaceChild($p, $entry);
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (strtolower($entry->nodeName) == "a") {
|
|
||||||
$entry->setAttribute("target", "_blank");
|
|
||||||
$entry->setAttribute("rel", "noopener noreferrer");
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$entries = $xpath->query('//iframe');
|
$entries = $xpath->query('//iframe');
|
||||||
|
@ -1377,7 +1371,7 @@
|
||||||
$doc->removeChild($doc->firstChild); //remove doctype
|
$doc->removeChild($doc->firstChild); //remove doctype
|
||||||
$doc = strip_harmful_tags($doc, $allowed_elements, $disallowed_attributes);
|
$doc = strip_harmful_tags($doc, $allowed_elements, $disallowed_attributes);
|
||||||
|
|
||||||
if ($highlight_words) {
|
if ($highlight_words && is_array($highlight_words)) {
|
||||||
foreach ($highlight_words as $word) {
|
foreach ($highlight_words as $word) {
|
||||||
|
|
||||||
// http://stackoverflow.com/questions/4081372/highlight-keywords-in-a-paragraph
|
// http://stackoverflow.com/questions/4081372/highlight-keywords-in-a-paragraph
|
||||||
|
@ -1767,6 +1761,7 @@
|
||||||
*/
|
*/
|
||||||
function error_json($code) {
|
function error_json($code) {
|
||||||
require_once "errors.php";
|
require_once "errors.php";
|
||||||
|
global $ERRORS;
|
||||||
|
|
||||||
@$message = $ERRORS[$code];
|
@$message = $ERRORS[$code];
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user