new option: STRIP_UNSAFE_TAGS (utilized)
This commit is contained in:
parent
f826eee150
commit
007a38d4c3
|
@ -630,7 +630,7 @@
|
||||||
|
|
||||||
# sanitize content
|
# sanitize content
|
||||||
|
|
||||||
$entry_content = sanitize_rss($entry_content);
|
// $entry_content = sanitize_rss($entry_content);
|
||||||
|
|
||||||
if (defined('DAEMON_EXTENDED_DEBUG')) {
|
if (defined('DAEMON_EXTENDED_DEBUG')) {
|
||||||
_debug("update_rss_feed: done collecting data [TITLE:$entry_title]");
|
_debug("update_rss_feed: done collecting data [TITLE:$entry_title]");
|
||||||
|
@ -2605,7 +2605,7 @@
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function sanitize_rss($str) {
|
function sanitize_rss($link, $str) {
|
||||||
$res = $str;
|
$res = $str;
|
||||||
|
|
||||||
/* $res = preg_replace('/<script.*?>/i',
|
/* $res = preg_replace('/<script.*?>/i',
|
||||||
|
@ -2619,7 +2619,7 @@
|
||||||
"<p class=\"objectWarn\">(Disabled html object
|
"<p class=\"objectWarn\">(Disabled html object
|
||||||
- flash or other embedded content)</p>", $res); */
|
- flash or other embedded content)</p>", $res); */
|
||||||
|
|
||||||
if (get_pref("STRIP_UNSAFE_TAGS")) {
|
if (get_pref($link, "STRIP_UNSAFE_TAGS")) {
|
||||||
$res = strip_tags($res, "<p><a><i><em><b><strong><blockquote><br><img>");
|
$res = strip_tags($res, "<p><a><i><em><b><strong><blockquote><br><img>");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2750,8 +2750,8 @@
|
||||||
|
|
||||||
$latest_version = trim(preg_replace("/(Milestone)|(completed)/", "", $latest_item["title"]));
|
$latest_version = trim(preg_replace("/(Milestone)|(completed)/", "", $latest_item["title"]));
|
||||||
|
|
||||||
$release_url = sanitize_rss($latest_item["link"]);
|
$release_url = sanitize_rss($link, $latest_item["link"]);
|
||||||
$content = sanitize_rss($latest_item["description"]);
|
$content = sanitize_rss($link, $latest_item["description"]);
|
||||||
|
|
||||||
if (version_compare(VERSION, $latest_version) == -1) {
|
if (version_compare(VERSION, $latest_version) == -1) {
|
||||||
if ($brief_fmt) {
|
if ($brief_fmt) {
|
||||||
|
@ -3520,7 +3520,7 @@
|
||||||
$line["content"] = preg_replace("/href=/i", "target=\"_new\" href=", $line["content"]);
|
$line["content"] = preg_replace("/href=/i", "target=\"_new\" href=", $line["content"]);
|
||||||
}
|
}
|
||||||
|
|
||||||
$line["content"] = sanitize_rss($line["content"]);
|
$line["content"] = sanitize_rss($link, $line["content"]);
|
||||||
|
|
||||||
print $line["content"] . "</div>";
|
print $line["content"] . "</div>";
|
||||||
|
|
||||||
|
|
10
viewfeed.js
10
viewfeed.js
|
@ -46,7 +46,13 @@ function headlines_callback() {
|
||||||
var counters = xmlhttp.responseXML.getElementsByTagName("counters")[0];
|
var counters = xmlhttp.responseXML.getElementsByTagName("counters")[0];
|
||||||
var articles = xmlhttp.responseXML.getElementsByTagName("article");
|
var articles = xmlhttp.responseXML.getElementsByTagName("article");
|
||||||
|
|
||||||
f.innerHTML = headlines.firstChild.nodeValue;
|
if (headlines) {
|
||||||
|
f.innerHTML = headlines.firstChild.nodeValue;
|
||||||
|
} else {
|
||||||
|
debug("headlines_callback: returned no data");
|
||||||
|
f.innerHTML = "<div class='whiteBox'>" + __('Could not update headlines (missing XML data)') + "</div>";
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
if (articles) {
|
if (articles) {
|
||||||
for (var i = 0; i < articles.length; i++) {
|
for (var i = 0; i < articles.length; i++) {
|
||||||
|
@ -54,6 +60,8 @@ function headlines_callback() {
|
||||||
debug("found id: " + a_id);
|
debug("found id: " + a_id);
|
||||||
cache_inject(a_id, articles[i].firstChild.nodeValue);
|
cache_inject(a_id, articles[i].firstChild.nodeValue);
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
debug("no cached articles received");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (counters) {
|
if (counters) {
|
||||||
|
|
Loading…
Reference in New Issue