diff options
author | Andrew Dolgov <[email protected]> | 2021-06-18 11:20:57 +0300 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2021-06-18 11:20:57 +0300 |
commit | e9c062a189cfad71922fc576d636610da18006d4 (patch) | |
tree | 786eb11ef2108f481a854c806ba87113efe342eb /classes/sanitizer.php | |
parent | 34807bacd4b2d31b6268d839ccd5281db4ee4da2 (diff) |
UrlHelper::rewrite_relative():
- support invoking specifying owner URL element/attribute
- restrict mailto/magnet/tel schemes for A href
- allow some data: base64 image types for IMG src
Sanitizer::sanitize():
- when checking href and src attributes, pass element tagname and attribute to rewrite_relative()
Diffstat (limited to 'classes/sanitizer.php')
-rw-r--r-- | classes/sanitizer.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/classes/sanitizer.php b/classes/sanitizer.php index 07766dc16..0a444a296 100644 --- a/classes/sanitizer.php +++ b/classes/sanitizer.php @@ -74,7 +74,7 @@ class Sanitizer { if ($entry->hasAttribute('href')) { $entry->setAttribute('href', - rewrite_relative_url($rewrite_base_url, $entry->getAttribute('href'))); + UrlHelper::rewrite_relative($rewrite_base_url, $entry->getAttribute('href'), $entry->tagName, "href")); $entry->setAttribute('rel', 'noopener noreferrer'); $entry->setAttribute("target", "_blank"); @@ -82,7 +82,7 @@ class Sanitizer { if ($entry->hasAttribute('src')) { $entry->setAttribute('src', - rewrite_relative_url($rewrite_base_url, $entry->getAttribute('src'))); + UrlHelper::rewrite_relative($rewrite_base_url, $entry->getAttribute('src'), $entry->tagName, "src")); } if ($entry->nodeName == 'img') { @@ -94,7 +94,7 @@ class Sanitizer { $matches = RSSUtils::decode_srcset($entry->getAttribute('srcset')); for ($i = 0; $i < count($matches); $i++) { - $matches[$i]["url"] = rewrite_relative_url($rewrite_base_url, $matches[$i]["url"]); + $matches[$i]["url"] = UrlHelper::rewrite_relative($rewrite_base_url, $matches[$i]["url"]); } $entry->setAttribute("srcset", RSSUtils::encode_srcset($matches)); |