diff options
| author | Andrew Dolgov <[email protected]> | 2012-10-29 16:01:41 +0400 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2012-10-29 16:01:41 +0400 |
| commit | db9e00e3395437258536df6cc8320627f873202e (patch) | |
| tree | 9882726f8acae93caa821d5aae33c873045f3a3a /classes | |
| parent | b3682750bb59382681dafda3776e9e100e39d4e2 (diff) | |
api: sanitize article content
Diffstat (limited to 'classes')
| -rw-r--r-- | classes/api.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/classes/api.php b/classes/api.php index 744e67ce6..6e5ed4aa8 100644 --- a/classes/api.php +++ b/classes/api.php @@ -187,6 +187,7 @@ class API extends Handler { $include_attachments = (bool)db_escape_string($_REQUEST["include_attachments"]); $since_id = (int)db_escape_string($_REQUEST["since_id"]); $include_nested = (bool)db_escape_string($_REQUEST["include_nested"]); + $sanitize_content = true; /* do not rely on params below */ @@ -197,7 +198,7 @@ class API extends Handler { $headlines = api_get_headlines($this->link, $feed_id, $limit, $offset, $filter, $is_cat, $show_excerpt, $show_content, $view_mode, false, $include_attachments, $since_id, $search, $search_mode, $match_on, - $include_nested); + $include_nested, $sanitize_content); print $this->wrap(self::STATUS_OK, $headlines); } else { |