eliseuamaro/gnu-social
1
0
Fork 0
forked from GNUsocial/gnu-social
Code Issues Pull Requests Releases Wiki Activity

Purify oembed html (again)

Browse Source 
For a commit or two we didn't do this, because htmLawed failed to filter
out CDATA javascript properly, but now we use HTML Purifier which works.
This commit is contained in:
Mikael Nordfeldth 2016-01-28 19:01:45 +01:00
parent 7e6783bb8f
commit fb7f572eed
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
plugins/Oembed/lib/oembedhelper.php
View File

@ -198,6 +198,9 @@ class oEmbedHelper
} }
$oembed_data = HTTPClient::quickGetJson($api, $params); $oembed_data = HTTPClient::quickGetJson($api, $params);
if (isset($oembed_data->html)) {
$oembed_data->html = common_purify($oembed_data->html);
}
return $oembed_data; return $oembed_data;
} }