diff options
author | Bernhard Posselt <dev@bernhard-posselt.com> | 2014-10-04 13:55:49 +0200 |
---|---|---|
committer | Bernhard Posselt <dev@bernhard-posselt.com> | 2014-10-04 13:55:49 +0200 |
commit | c94a473e7580ec49ae46c3f9fc229f1d424b2413 (patch) | |
tree | 03f729b9efc4aa442f130a8152857278ab31e8ee /articleenhancer | |
parent | 8ecc37bafc86fdf954ea5606b87f04a7bae54570 (diff) |
fix php-fpm issues
Diffstat (limited to 'articleenhancer')
-rw-r--r-- | articleenhancer/xpatharticleenhancer.php | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/articleenhancer/xpatharticleenhancer.php b/articleenhancer/xpatharticleenhancer.php index 3edaad695..c80e0c92d 100644 --- a/articleenhancer/xpatharticleenhancer.php +++ b/articleenhancer/xpatharticleenhancer.php @@ -70,9 +70,9 @@ class XPathArticleEnhancer implements ArticleEnhancer { $dom = new \DOMDocument(); - $loadEntities = libxml_disable_entity_loader(true); - @$dom->loadHTML($body); - libxml_disable_entity_loader($loadEntities); + Security::scan($body, $dom, function ($xml, $dom) { + return @$dom->loadHTML($xml, LIBXML_NONET); + }); $xpath = new \DOMXpath($dom); $xpathResult = $xpath->evaluate($search); @@ -136,12 +136,13 @@ class XPathArticleEnhancer implements ArticleEnhancer { $dom->preserveWhiteSpace = false; // return, if xml is empty or loading the HTML fails - $loadEntities = libxml_disable_entity_loader(true); - if( trim($xmlString) == "" || !@$dom->loadHTML($xmlString) ) { - libxml_disable_entity_loader($loadEntities); + $isLoaded = Security::scan($xmlString, $dom, function ($xml, $dom) { + return @$dom->loadHTML($xml, LIBXML_NONET); + }); + + if( trim($xmlString) == "" || !$isLoaded ) { return $xmlString; } - libxml_disable_entity_loader($loadEntities); // remove <!DOCTYPE $dom->removeChild($dom->firstChild); |