properly sanitize video poster attribute
This commit is contained in:
parent
8ed927dbd2
commit
949e2ab4d2
|
@ -68,7 +68,7 @@ class Sanitizer {
|
|||
// $rewrite_base_url = $site_url ? $site_url : Config::get_self_url();
|
||||
$rewrite_base_url = $site_url ? $site_url : "http://domain.invalid/";
|
||||
|
||||
$entries = $xpath->query('(//a[@href]|//img[@src]|//source[@srcset|@src])');
|
||||
$entries = $xpath->query('(//a[@href]|//img[@src]|//source[@srcset|@src]|//video[@poster])');
|
||||
|
||||
foreach ($entries as $entry) {
|
||||
|
||||
|
@ -100,6 +100,11 @@ class Sanitizer {
|
|||
$entry->setAttribute("srcset", RSSUtils::encode_srcset($matches));
|
||||
}
|
||||
|
||||
if ($entry->hasAttribute('poster')) {
|
||||
$entry->setAttribute('poster',
|
||||
UrlHelper::rewrite_relative($rewrite_base_url, $entry->getAttribute('poster'), $entry->tagName, "poster"));
|
||||
}
|
||||
|
||||
if ($entry->hasAttribute('src') &&
|
||||
($owner && get_pref(Prefs::STRIP_IMAGES, $owner)) || $force_remove_images || ($_SESSION["bw_limit"] ?? false)) {
|
||||
|
||||
|
|
Loading…
Reference in New Issue