Add HTML Purify to BBCode::convert

- Replace previous HTML cleanup using DOMDocument
- Remove obsolete HTML::sanitizeCSS method
- Use Strings::autoLinkRegEx for PageInfo::getRelevantUrlFromBody
- Update existing test expectations
- Add new specific XSS tests
Hypolite Petovan 2020-12-04 07:27:13 -05:00
parent d8e3b841f8
commit a0f6d678c4
4 changed files with 83 additions and 111 deletions


@ -36,27 +36,6 @@ use League\HTMLToMarkdown\HtmlConverter;
class HTML
{
public static function sanitizeCSS($input)
{
$cleaned = "";
$input = strtolower($input);
for ($i = 0; $i < strlen($input); $i++) {
$char = substr($input, $i, 1);
if (($char >= "a") && ($char <= "z")) {
$cleaned .= $char;
}
if (!(strpos(" #;:0123456789-_.%", $char) === false)) {
$cleaned .= $char;
}
}
return $cleaned;
}
/**
* Search all instances of a specific HTML tag node in the provided DOM document and replaces them with BBCode text nodes.
*