-rw-r--r--functions.php7
-rw-r--r--tt-rss.css12
2 files changed, 19 insertions, 0 deletions
diff --git a/functions.php b/functions.php
index 2e65f7a35..133a8ccf9 100644
--- a/functions.php
+++ b/functions.php
@@ -530,6 +530,13 @@
}
+ # sanitize content
+ $entry_content = preg_replace('/<script.*?>/i',
+ "<p class=\"scriptWarn\">", $entry_content);
+
+ $entry_content = preg_replace('/<\/script>/i',
+ "</p>", $entry_content);
+
db_query($link, "BEGIN");
if (db_num_rows($result) == 0) {
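Review bot: The two `preg_replace` calls added before `db_query($link, "BEGIN")` only neutralise literal `<script>` tags, so other active content in feed HTML (inline event-handler attributes, script-capable URL schemes, embedded frames or objects) would still be stored and later rendered. A denylist of a single tag is not a sanitizer; parsing the entry into a DOM and keeping only an allowlist of elements and attributes is the more robust approach. Within the current approach, `.` does not match newlines, so an opening tag whose attributes span several lines is missed; `'/<script.*?>/is'` would close that gap. `preg_replace` also returns null on a PCRE error, which would silently blank `$entry_content`, so the result should be checked before it is assigned back. The enclosing function starts and ends outside this hunk.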
diff --git a/tt-rss.css b/tt-rss.css
index f69d2444e..8d29213ba 100644
--- a/tt-rss.css
+++ b/tt-rss.css
@@ -1145,3 +1145,15 @@ span.debugTS {
#backReqBox {
display : none;
}
+
+.scriptWarn:before {
+ content : "Disabled script:";
+}
+
+.scriptWarn {
+ color : white;
+ background-color : #903030;
+ border : 1px solid #601010;
+ padding : 3px;
+ font-weight : bold;
+}