diff options
| author | Andrew Dolgov <[email protected]> | 2013-03-17 15:53:42 +0400 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2013-03-17 15:55:41 +0400 |
| commit | 16ad9085ea0d2f1cb031528dffcfeeda557136ce (patch) | |
| tree | bf059876d193eb64d1cf0ffd1c78642d550a4167 /include | |
| parent | 7873d588227cba4c66e2535b1be631736415ef6f (diff) | |
sanitize: move htmlawed rewriting to execute last so that we can keep
LIBXML_NOEMPTYTAG to prevent stuck tags (which stil occur) and still
not cause duplicate br tags.
Diffstat (limited to 'include')
| -rw-r--r-- | include/functions.php | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/include/functions.php b/include/functions.php index bc8d48217..c8b3bbb90 100644 --- a/include/functions.php +++ b/include/functions.php @@ -2555,10 +2555,6 @@ $res = trim($str); if (!$res) return ''; - $config = array('safe' => 1, 'deny_attribute' => 'style, width, height, class, id', 'comment' => 1, 'cdata' => 1, 'balance' => 0); - $spec = 'img=width,height'; - $res = htmLawed($res, $config, $spec); - if (get_pref($link, "STRIP_IMAGES", $owner)) { $res = preg_replace('/<img[^>]+>/is', '', $res); } @@ -2601,7 +2597,13 @@ $node = $doc->getElementsByTagName('body')->item(0); - return $doc->saveXML($node); + $res = $doc->saveXML($node, LIBXML_NOEMPTYTAG); + + $config = array('safe' => 1, 'deny_attribute' => 'style, width, height, class, id', 'comment' => 1, 'cdata' => 1, 'balance' => 0); + $spec = 'img=width,height'; + $res = htmLawed($res, $config, $spec); + + return $res; } function check_for_update($link) { |