diff options
| author | Andrew Dolgov <[email protected]> | 2013-10-06 11:08:15 +0400 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2013-10-06 11:08:15 +0400 |
| commit | f44d59992edac23206f593e240f0e445c571b661 (patch) | |
| tree | a173c87f3124a8fc09b0a607dcd3b32a7eaf8a5b | |
| parent | ae3851b1b5c569fb0b626237731b23376ef1bbf5 (diff) | |
sanitize: remove doctype properly, add experimental workaround against unnecessary html elements in sanitized data
| -rw-r--r-- | include/functions.php | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/include/functions.php b/include/functions.php index e9b1270fb..c6ee6dfbd 100644 --- a/include/functions.php +++ b/include/functions.php @@ -2891,7 +2891,7 @@ } } - $doc->removeChild($doc->firstChild); //remove doctype + $doc->removeChild($doc->doctype); //remove doctype $doc = strip_harmful_tags($doc, $allowed_elements, $disallowed_attributes); if ($highlight_words) { @@ -2924,7 +2924,19 @@ } } - $res = $doc->saveHTML(); + $body = $doc->getElementsByTagName("body")->item(0); + + if ($body) { + $div = $doc->createElement("div"); + + foreach ($body->childNodes as $child) { + $div->appendChild($child); + } + + $res = $doc->saveXML($div); + } else { + $res = $doc->saveHTML(); + } return $res; } |