diff options
| author | Bernhard Posselt <dev@bernhard-posselt.com> | 2014-10-04 11:12:59 +0200 |
|---|---|---|
| committer | Bernhard Posselt <dev@bernhard-posselt.com> | 2014-10-04 11:15:04 +0200 |
| commit | f8e11569ef99fa1daf15a337a4d0f0d0fcc51742 (patch) | |
| tree | f3676c52c996a1115b905a81a0a4178739e5587a | |
| parent | feb20ad8b27e973c95d9ebf3b41aa3a125318ef5 (diff) | |
zendxml for global enhancer
| -rw-r--r-- | articleenhancer/globalarticleenhancer.php | 8 | ||||
| -rw-r--r-- | tests/classloader.php | 1 |
2 files changed, 5 insertions, 4 deletions
diff --git a/articleenhancer/globalarticleenhancer.php b/articleenhancer/globalarticleenhancer.php index 7d8385db2..14f92182d 100644 --- a/articleenhancer/globalarticleenhancer.php +++ b/articleenhancer/globalarticleenhancer.php @@ -32,10 +32,10 @@ class GlobalArticleEnhancer implements ArticleEnhancer { // inside <p> tags $body = '<div>' . $item->getBody() . '</div>'; - $loadEntities = libxml_disable_entity_loader(true); - @$dom->loadHTML($body, LIBXML_HTML_NOIMPLIED | LIBXML_HTML_NODEFDTD - | LIBXML_NONET); - libxml_disable_entity_loader($loadEntities); + $dom = Security::scan($body, $dom, function ($xml, $dom) { + return @$dom->loadHTML($xml, LIBXML_HTML_NOIMPLIED + | LIBXML_HTML_NODEFDTD | LIBXML_NONET); + }); $xpath = new \DOMXpath($dom); diff --git a/tests/classloader.php b/tests/classloader.php index fc133eaf5..ef3849849 100644 --- a/tests/classloader.php +++ b/tests/classloader.php @@ -11,6 +11,7 @@ * @copyright Bernhard Posselt 2012, 2014 */ +require_once __DIR__ . '/../3rdparty/ZendXml/vendor/autoload.php'; require_once __DIR__ . '/../3rdparty/simplepie/autoloader.php'; require_once __DIR__ . '/../../../tests/lib/appframework/db/mappertestutility.php'; |