From 7d9dd51cf4ac5947bbf15ff5d2b263ec8e1f72e9 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov
Date: Wed, 29 Apr 2020 19:04:34 +0300
Subject: sanitize: remove srcset plain-http hack, globally disallow width and height attributes for all elements

---
 include/functions.php | 20 +-------------------
 1 file changed, 1 insertion(+), 19 deletions(-)

diff --git a/include/functions.php b/include/functions.php
index 532e48139..da409ed01 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -1283,24 +1283,6 @@
  if ($entry->nodeName == 'img') {
  $entry->setAttribute('referrerpolicy', 'no-referrer');
  $entry->setAttribute('loading', 'lazy');
-
- $entry->removeAttribute('width');
- $entry->removeAttribute('height');
-
- if ($entry->hasAttribute('src')) {
- $is_https_url = parse_url($entry->getAttribute('src'), PHP_URL_SCHEME) === 'https';
-
- if (is_prefix_https() && !$is_https_url) {
-
- if ($entry->hasAttribute('srcset')) {
- $entry->removeAttribute('srcset');
- }
-
- if ($entry->hasAttribute('sizes')) {
- $entry->removeAttribute('sizes');
- }
- }
- }
  }

  if ($entry->hasAttribute('srcset')) {
@@ -1379,7 +1361,7 @@

  if ($_SESSION['hasSandbox']) $allowed_elements[] = 'iframe';

- $disallowed_attributes = array('id', 'style', 'class');
+ $disallowed_attributes = array('id', 'style', 'class', 'width', 'height');

  foreach (PluginHost::getInstance()->get_hooks(PluginHost::HOOK_SANITIZE) as $plugin) {
  $retval = $plugin->hook_sanitize($doc, $site_url, $allowed_elements, $disallowed_attributes, $article_id);
--
cgit v1.2.3
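Review bot: The changed `$disallowed_attributes` line keeps the long `array(...)` syntax; `$disallowed_attributes = ['id', 'style', 'class', 'width', 'height'];` follows the short-array convention and behaves identically. Because this list is handed to every HOOK_SANITIZE plugin on the following `foreach` line, a one-line comment such as `// attributes stripped from every element; width/height were previously removed for img only` would preserve why the two entries moved here from the img-specific block deleted in the first hunk. The first hunk also drops the removal of `srcset`/`sizes` for plain-http images when `is_prefix_https()` holds without a visible replacement; if the `if ($entry->hasAttribute('srcset'))` block that follows now rewrites those candidate URLs, saying so in the description would settle it, otherwise the mixed-content case for srcset candidates is worth re-checking. The enclosing function starts and ends outside both hunks.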