diff options
-rw-r--r-- | classes/pluginhost.php | 1 | ||||
-rw-r--r-- | include/functions.php | 23 | ||||
-rw-r--r-- | include/rssfuncs.php | 4 |
3 files changed, 8 insertions, 20 deletions
diff --git a/classes/pluginhost.php b/classes/pluginhost.php index 79544b01b..592629881 100644 --- a/classes/pluginhost.php +++ b/classes/pluginhost.php @@ -21,7 +21,6 @@ class PluginHost { const HOOK_RENDER_ARTICLE = 10; const HOOK_RENDER_ARTICLE_CDM = 11; const HOOK_FEED_FETCHED = 12; - const HOOK_SANITIZE = 13; const KIND_ALL = 1; const KIND_SYSTEM = 2; diff --git a/include/functions.php b/include/functions.php index ae9561337..2120a96b9 100644 --- a/include/functions.php +++ b/include/functions.php @@ -2597,25 +2597,12 @@ //$node = $doc->getElementsByTagName('body')->item(0); + $doc->removeChild($doc->firstChild); //remove doctype + $res = $doc->saveHTML(); - $beforehooks = $res; - - global $pluginhost; - if ($pluginhost) { - foreach ($pluginhost->get_hooks($pluginhost::HOOK_SANITIZE) as $p) { - $res = $p->hook_sanitize($res); - } - } - - // nothing changed, use standard filters - if ($beforehooks == $res) { - $doc->removeChild($doc->firstChild); //remove doctype - $res = $doc->saveHTML(); - - $config = array('safe' => 1, 'deny_attribute' => 'style, width, height, class, id', 'comment' => 1, 'cdata' => 1, 'balance' => 0); - $spec = 'img=width,height'; - $res = htmLawed($res, $config, $spec); - } + $config = array('safe' => 1, 'deny_attribute' => 'style, width, height, class, id', 'comment' => 1, 'cdata' => 1, 'balance' => 0); + $spec = 'img=width,height'; + $res = htmLawed($res, $config, $spec); return $res; } diff --git a/include/rssfuncs.php b/include/rssfuncs.php index a95280a31..1180b0adb 100644 --- a/include/rssfuncs.php +++ b/include/rssfuncs.php @@ -573,6 +573,8 @@ $entry_author = db_escape_string($article["author"]); $entry_link = db_escape_string($article["link"]); $entry_plugin_data = db_escape_string($article["plugin_data"]); + $entry_content = $article["content"]; // escaped below + if ($debug_enabled) { _debug("update_rss_feed: plugin data: $entry_plugin_data"); @@ -581,7 +583,7 @@ if ($cache_images && is_writable(CACHE_DIR . '/images')) $entry_content = cache_images($entry_content, $site_url, $debug_enabled); - $entry_content = db_escape_string($article["content"], false); + $entry_content = db_escape_string($entry_content, false); $content_hash = "SHA1:" . sha1($entry_content); |