Corrections
* Corrected GoogleBridge (URI extraction was incorrect) * Corrected ATOM format: * mime-type was incorrect * Hyperlinks were not clickable. * non-UTF8 characters are now properly filtered. * Corrected HTML format output: * Hyperlinks were not clickable. * Corrected error message when SimpleHtmlDom library is not installed. * Added changelog.
This commit is contained in:
Sebastien SAUVAGE
parent
a84f111d8f
commit
4bf90735ef
7 changed files with 70 additions and 24 deletions
lib
|
|
@ -90,6 +90,23 @@ abstract class FormatAbstract implements FormatInterface{
|
|||
|
||||
return $this->extraInfos;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sanitized html while leaving it functionnal.
|
||||
* The aim is to keep html as-is (with clickable hyperlinks)
|
||||
* while reducing annoying and potentially dangerous things.
|
||||
* Yes, I know sanitizing HTML 100% is an impossible task.
|
||||
* Maybe we'll switch to http://htmlpurifier.org/
|
||||
* or http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed/index.php
|
||||
*/
|
||||
public function sanitizeHtml($html)
|
||||
{
|
||||
$html = str_replace('<script','<‌script',$html); // Disable scripts, but leave them visible.
|
||||
$html = str_replace('<iframe','<‌iframe',$html);
|
||||
$html = str_replace('<link','<‌link',$html);
|
||||
// We leave alone object and embed so that videos can play in RSS readers.
|
||||
return $html;
|
||||
}
|
||||
}
|
||||
|
||||
class Format{
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue