diff options
| author | Andrew Dolgov <[email protected]> | 2012-10-29 16:01:41 +0400 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2012-10-29 16:01:41 +0400 |
| commit | db9e00e3395437258536df6cc8320627f873202e (patch) | |
| tree | 9882726f8acae93caa821d5aae33c873045f3a3a /include | |
| parent | b3682750bb59382681dafda3776e9e100e39d4e2 (diff) | |
api: sanitize article content
Diffstat (limited to 'include')
| -rw-r--r-- | include/functions.php | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/include/functions.php b/include/functions.php index 7a5211b5a..263d9d8fe 100644 --- a/include/functions.php +++ b/include/functions.php @@ -4585,7 +4585,8 @@ function api_get_headlines($link, $feed_id, $limit, $offset, $filter, $is_cat, $show_excerpt, $show_content, $view_mode, $order, $include_attachments, $since_id, - $search = "", $search_mode = "", $match_on = "", $include_nested = false) { + $search = "", $search_mode = "", $match_on = "", + $include_nested = false, $sanitize_content = true) { $qfh_ret = queryFeedHeadlines($link, $feed_id, $limit, $view_mode, $is_cat, $search, $search_mode, $match_on, @@ -4629,7 +4630,12 @@ } if ($show_content) { - $headline_row["content"] = $line["content_preview"]; + if ($sanitize_content) { + $headline_row["content"] = sanitize($link, + $line["content_preview"], false, false, $line["site_url"]); + } else { + $headline_row["content"] = $line["content_preview"]; + } } // unify label output to ease parsing |