Scrub all atom output with common_xml_safe_str()
parent
7cdcb89dc9
commit
78f0d6bbd2
@ -1151,7 +1151,7 @@ class Notice extends Memcached_DataObject
|
|||||||
$xs->elementEnd('source');
|
$xs->elementEnd('source');
|
||||||
}
|
}
|
||||||
|
|
||||||
$xs->element('title', null, $this->content);
|
$xs->element('title', null, common_xml_safe_str($this->content));
|
||||||
|
|
||||||
if ($author) {
|
if ($author) {
|
||||||
$xs->raw($profile->asAtomAuthor());
|
$xs->raw($profile->asAtomAuthor());
|
||||||
@ -1227,7 +1227,11 @@ class Notice extends Memcached_DataObject
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$xs->element('content', array('type' => 'html'), $this->rendered);
|
$xs->element(
|
||||||
|
'content',
|
||||||
|
array('type' => 'html'),
|
||||||
|
common_xml_safe_str($this->rendered)
|
||||||
|
);
|
||||||
|
|
||||||
$tag = new Notice_tag();
|
$tag = new Notice_tag();
|
||||||
$tag->notice_id = $this->id;
|
$tag->notice_id = $this->id;
|
||||||
|
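Review bot: Nothing at these call sites says why the value is wrapped, and the wrapping is applied one call site at a time, so the next element added to these feed builders can silently miss it. A short comment at the first use in the `title` hunk would help, for example `// XML 1.0 forbids most control characters; scrub so one notice cannot make the whole feed unparsable` (this assumes that is what `common_xml_safe_str()` is for, since its body is not on this page). The author block in the same hunk is still emitted with `$xs->raw($profile->asAtomAuthor())`, which bypasses anything done here, so it is worth confirming that the method scrubs its own fields. Both enclosing functions start and end outside the hunks.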
@ -379,7 +379,7 @@ class User_group extends Memcached_DataObject
|
|||||||
}
|
}
|
||||||
|
|
||||||
$xs->element('title', null, $this->nickname);
|
$xs->element('title', null, $this->nickname);
|
||||||
$xs->element('summary', null, $this->description);
|
$xs->element('summary', null, common_xml_safe_str($this->description));
|
||||||
|
|
||||||
$xs->element('link', array('rel' => 'alternate',
|
$xs->element('link', array('rel' => 'alternate',
|
||||||
'href' => $this->permalink()));
|
'href' => $this->permalink()));
|
||||||
@ -389,7 +389,11 @@ class User_group extends Memcached_DataObject
|
|||||||
$xs->element('published', null, common_date_w3dtf($this->created));
|
$xs->element('published', null, common_date_w3dtf($this->created));
|
||||||
$xs->element('updated', null, common_date_w3dtf($this->modified));
|
$xs->element('updated', null, common_date_w3dtf($this->modified));
|
||||||
|
|
||||||
$xs->element('content', array('type' => 'html'), $this->description);
|
$xs->element(
|
||||||
|
'content',
|
||||||
|
array('type' => 'html'),
|
||||||
|
common_xml_safe_str($this->description)
|
||||||
|
);
|
||||||
|
|
||||||
$xs->elementEnd('entry');
|
$xs->elementEnd('entry');
|
||||||
|
|
||||||
|
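Review bot: In the second hunk the `content` element is declared `type="html"` but carries `$this->description`, the same field the first hunk emits as a plain-text `summary`. `common_xml_safe_str()` appears to remove characters that are invalid in XML rather than escape markup, so if the description is stored as plain text, any `<` or `&` typed into it will be interpreted as HTML by a feed consumer. Either declare the element as text with `array('type' => 'text'),` or HTML-escape the value first with `common_xml_safe_str(htmlspecialchars($this->description))`. The `title` in the first hunk still passes `$this->nickname` unwrapped, which is probably fine if nicknames are restricted to a safe character set, but that restriction is not visible here.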
@ -78,7 +78,7 @@ class PoCoAddress
|
|||||||
if (!empty($this->formatted)) {
|
if (!empty($this->formatted)) {
|
||||||
$xs = new XMLStringer(true);
|
$xs = new XMLStringer(true);
|
||||||
$xs->elementStart('poco:address');
|
$xs->elementStart('poco:address');
|
||||||
$xs->element('poco:formatted', null, $this->formatted);
|
$xs->element('poco:formatted', null, common_xml_safe_str($this->formatted));
|
||||||
$xs->elementEnd('poco:address');
|
$xs->elementEnd('poco:address');
|
||||||
return $xs->getString();
|
return $xs->getString();
|
||||||
}
|
}
|
||||||
@ -279,7 +279,7 @@ class PoCo
|
|||||||
);
|
);
|
||||||
|
|
||||||
if (!empty($this->note)) {
|
if (!empty($this->note)) {
|
||||||
$xs->element('poco:note', null, $this->note);
|
$xs->element('poco:note', null, common_xml_safe_str($this->note));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!empty($this->address)) {
|
if (!empty($this->address)) {
|
||||||
@ -805,7 +805,6 @@ class ActivityObject
|
|||||||
return $object;
|
return $object;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
function asString($tag='activity:object')
|
function asString($tag='activity:object')
|
||||||
{
|
{
|
||||||
$xs = new XMLStringer(true);
|
$xs = new XMLStringer(true);
|
||||||
@ -817,16 +816,28 @@ class ActivityObject
|
|||||||
$xs->element(self::ID, null, $this->id);
|
$xs->element(self::ID, null, $this->id);
|
||||||
|
|
||||||
if (!empty($this->title)) {
|
if (!empty($this->title)) {
|
||||||
$xs->element(self::TITLE, null, $this->title);
|
$xs->element(
|
||||||
|
self::TITLE,
|
||||||
|
null,
|
||||||
|
common_xml_safe_str($this->title)
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!empty($this->summary)) {
|
if (!empty($this->summary)) {
|
||||||
$xs->element(self::SUMMARY, null, $this->summary);
|
$xs->element(
|
||||||
|
self::SUMMARY,
|
||||||
|
null,
|
||||||
|
common_xml_safe_str($this->summary)
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!empty($this->content)) {
|
if (!empty($this->content)) {
|
||||||
// XXX: assuming HTML content here
|
// XXX: assuming HTML content here
|
||||||
$xs->element(ActivityUtils::CONTENT, array('type' => 'html'), $this->content);
|
$xs->element(
|
||||||
|
ActivityUtils::CONTENT,
|
||||||
|
array('type' => 'html'),
|
||||||
|
common_xml_safe_str($this->content)
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!empty($this->link)) {
|
if (!empty($this->link)) {
|
||||||
|
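Review bot: In the ActivityObject hunk at -817, `$xs->element(self::ID, null, $this->id);` is left unwrapped while title, summary and content are scrubbed. If these objects can be built from remote feeds, the id is as untrusted as the other fields and should get the same treatment: `$xs->element(self::ID, null, common_xml_safe_str($this->id));`. The same gap shows in the ApiAction hunks, where `$entry['id']`, `$id` and the `href` attribute built from `$link` go out unwrapped. Separately, the `// XXX: assuming HTML content here` comment still stands: scrubbing keeps the document well-formed but does not sanitise the HTML itself, so that has to happen before the object reaches `asString()`. The function body continues outside the hunk.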
@ -743,8 +743,12 @@ class ApiAction extends Action
|
|||||||
function showTwitterAtomEntry($entry)
|
function showTwitterAtomEntry($entry)
|
||||||
{
|
{
|
||||||
$this->elementStart('entry');
|
$this->elementStart('entry');
|
||||||
$this->element('title', null, $entry['title']);
|
$this->element('title', null, common_xml_safe_str($entry['title']));
|
||||||
$this->element('content', array('type' => 'html'), $entry['content']);
|
$this->element(
|
||||||
|
'content',
|
||||||
|
array('type' => 'html'),
|
||||||
|
common_xml_safe_str($entry['content'])
|
||||||
|
);
|
||||||
$this->element('id', null, $entry['id']);
|
$this->element('id', null, $entry['id']);
|
||||||
$this->element('published', null, $entry['published']);
|
$this->element('published', null, $entry['published']);
|
||||||
$this->element('updated', null, $entry['updated']);
|
$this->element('updated', null, $entry['updated']);
|
||||||
@ -859,7 +863,7 @@ class ApiAction extends Action
|
|||||||
|
|
||||||
$this->initDocument('atom');
|
$this->initDocument('atom');
|
||||||
|
|
||||||
$this->element('title', null, $title);
|
$this->element('title', null, common_xml_safe_str($title));
|
||||||
$this->element('id', null, $id);
|
$this->element('id', null, $id);
|
||||||
$this->element('link', array('href' => $link, 'rel' => 'alternate', 'type' => 'text/html'), null);
|
$this->element('link', array('href' => $link, 'rel' => 'alternate', 'type' => 'text/html'), null);
|
||||||
|
|
||||||
@ -869,7 +873,7 @@ class ApiAction extends Action
|
|||||||
}
|
}
|
||||||
|
|
||||||
$this->element('updated', null, common_date_iso8601('now'));
|
$this->element('updated', null, common_date_iso8601('now'));
|
||||||
$this->element('subtitle', null, $subtitle);
|
$this->element('subtitle', null, common_xml_safe_str($subtitle));
|
||||||
|
|
||||||
if (is_array($group)) {
|
if (is_array($group)) {
|
||||||
foreach ($group as $g) {
|
foreach ($group as $g) {
|
||||||
|