From f826eee150ca01f14f20d8a017bac43d8b0f2a04 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.spb.ru>
Date: Wed, 16 May 2007 07:50:00 +0100
Subject: new option: STRIP_UNSAFE_TAGS

---
 functions.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'functions.php')

diff --git a/functions.php b/functions.php
index 8ce6de89f..c8ad1c5ea 100644
--- a/functions.php
+++ b/functions.php
@@ -2608,10 +2608,10 @@
 	function sanitize_rss($str) {
 		$res = $str;
 
-		$res = preg_replace('/<script.*?>/i', 
+/*		$res = preg_replace('/<script.*?>/i', 
 			"<p class=\"scriptWarn\">Disabled script: ", $res);
 
-		$res = preg_replace('/<\/script.*?>/i', "</p>", $res);
+		$res = preg_replace('/<\/script.*?>/i', "</p>", $res); */
 
 /*		$res = preg_replace('/<embed.*?>/i', "", $res);
 
@@ -2619,6 +2619,10 @@
 			"<p class=\"objectWarn\">(Disabled html object 
 			- flash or other embedded content)</p>", $res);  */
 
+		if (get_pref("STRIP_UNSAFE_TAGS")) {
+			$res = strip_tags($res, "<p><a><i><em><b><strong><blockquote><br><img>");
+		}
+
 		return $res;
 	}
 
-- 
cgit v1.2.3