author | Andrew Dolgov <[email protected]> | 2007-05-16 07:50:00 +0100 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2007-05-16 07:50:00 +0100 |
commit | f826eee150ca01f14f20d8a017bac43d8b0f2a04 (patch) | |
tree | 10407f7a2b09556fe02c8cac28b53f2b3d74ad1e | |
parent | 8fd55df16f27b12186328f9d570c818e0e19946f (diff) |
new option: STRIP_UNSAFE_TAGS
-rw-r--r-- | functions.php | 8 | ||||
-rw-r--r-- | schema/ttrss_schema_mysql.sql | 3 | ||||
-rw-r--r-- | schema/ttrss_schema_pgsql.sql | 3 | ||||
-rw-r--r-- | schema/versions/mysql/17.sql | 3 | ||||
-rw-r--r-- | schema/versions/pgsql/17.sql | 3 |
5 files changed, 18 insertions, 2 deletions
diff --git a/functions.php b/functions.php
index 8ce6de89f..c8ad1c5ea 100644
--- a/functions.php
+++ b/functions.php
@@ -2608,10 +2608,10 @@ function sanitize_rss($str) { $res = $str;
- $res = preg_replace('/<script.*?>/i',
+/* $res = preg_replace('/<script.*?>/i',
 "<p class=\"scriptWarn\">Disabled script: ", $res);
- $res = preg_replace('/<\/script.*?>/i', "</p>", $res);
+ $res = preg_replace('/<\/script.*?>/i', "</p>", $res); */
 /* $res = preg_replace('/<embed.*?>/i', "", $res);
@@ -2619,6 +2619,10 @@ "<p class=\"objectWarn\">(Disabled html object - flash or other embedded content)</p>", $res); */
+ if (get_pref("STRIP_UNSAFE_TAGS")) {
+ $res = strip_tags($res, "<p><a><i><em><b><strong><blockquote><br><img>");
+ }
+
 return $res; }
diff --git a/schema/ttrss_schema_mysql.sql b/schema/ttrss_schema_mysql.sql
index 25c2ec95e..3ae452370 100644
--- a/schema/ttrss_schema_mysql.sql
+++ b/schema/ttrss_schema_mysql.sql
@@ -276,6 +276,9 @@ insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id) valu
 insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id) values('_INFOBOX_DISABLE_OVERLAY', 1, 'false', '', 1);
+insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id,help_text) values('STRIP_UNSAFE_TAGS', 1, 'true', 'Strip unsafe tags from articles', 3,
+'This option strips all, but most common HTML tags when reading articles.');
+
 create table ttrss_user_prefs ( owner_uid integer not null, pref_name varchar(250),
diff --git a/schema/ttrss_schema_pgsql.sql b/schema/ttrss_schema_pgsql.sql
index ed109e5fd..b529a0a65 100644
--- a/schema/ttrss_schema_pgsql.sql
+++ b/schema/ttrss_schema_pgsql.sql
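Review bot: In the first functions.php hunk (`@@ -2608,10`), wrapping both `<script>` replacements in `/* … */` turns them off for every user, not only for those who keep the new preference enabled. As far as the two hunks show, the embed/object filters were already commented out, so with STRIP_UNSAFE_TAGS set to false sanitize_rss() would return feed markup without any filtering. Keeping the old replacements as the fallback path avoids that, for example by closing the new block in the second hunk with `} else {` and leaving the two `preg_replace` calls live inside it.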
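Review bot: In the second functions.php hunk (`@@ -2619,6`), `strip_tags()` with an allow-list removes the disallowed elements but leaves every attribute on the allowed `<a>`, `<img>`, `<p>` … tags untouched, so event-handler and `style` attributes and non-http(s) `href`/`src` values supplied by a feed still reach the reader. A preference named STRIP_UNSAFE_TAGS reads as a complete sanitizer, so the limit should at least be stated above the call: `/* strip_tags() keeps attributes on allowed tags; on*, style and URL schemes are NOT filtered here */`. A follow-up pass that keeps only a small attribute allow-list (`href`, `src`, `alt`, `title`) and accepts only http(s) URLs would close the gap. Allowing `<img>` also means a feed can make the reader's browser fetch remote images, which may be intended but is worth mentioning in the option's help text.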
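Review bot: The `help_text` added in the ttrss_schema_mysql.sql hunk, and repeated in the ttrss_schema_pgsql.sql and both schema/versions/*/17.sql hunks, is hard to parse ("strips all, but most common HTML tags") and does not tell the user what switching the option off means. Suggested wording: `'Strips all HTML tags except the most common ones when reading articles. Disabling it displays feed markup without this filtering.'`. The second sentence is inferred from the functions.php hunks of this commit, so adjust it if another filter still runs. The four inserts should stay identical so that fresh installs and upgraded ones show the same text.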
@@ -256,6 +256,9 @@ insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id) valu
 insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id) values('_INFOBOX_DISABLE_OVERLAY', 1, 'false', '', 1);
+insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id,help_text) values('STRIP_UNSAFE_TAGS', 1, 'true', 'Strip unsafe tags from articles', 3,
+'This option strips all, but most common HTML tags when reading articles.');
+
 create table ttrss_user_prefs ( owner_uid integer not null references ttrss_users(id) ON DELETE CASCADE, pref_name varchar(250) not null references ttrss_prefs(pref_name) ON DELETE CASCADE,
diff --git a/schema/versions/mysql/17.sql b/schema/versions/mysql/17.sql
index 1416be2c1..3ddc5a13e 100644
--- a/schema/versions/mysql/17.sql
+++ b/schema/versions/mysql/17.sql
@@ -2,4 +2,7 @@ insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id) valu
 insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id) values('_INFOBOX_DISABLE_OVERLAY', 1, 'false', '', 1);
+insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id,help_text) values('STRIP_UNSAFE_TAGS', 1, 'true', 'Strip unsafe tags from articles', 3,
+'This option strips all, but most common HTML tags when reading articles.');
+
 update ttrss_version set schema_version = 17;
diff --git a/schema/versions/pgsql/17.sql b/schema/versions/pgsql/17.sql
index 1416be2c1..3ddc5a13e 100644
--- a/schema/versions/pgsql/17.sql
+++ b/schema/versions/pgsql/17.sql
@@ -2,4 +2,7 @@ insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id) valu
 insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id) values('_INFOBOX_DISABLE_OVERLAY', 1, 'false', '', 1);
+insert into ttrss_prefs (pref_name,type_id,def_value,short_desc,section_id,help_text) values('STRIP_UNSAFE_TAGS', 1, 'true', 'Strip unsafe tags from articles', 3,
+'This option strips all, but most common HTML tags when reading articles.');
+
 update ttrss_version set schema_version = 17; |