fix php-fpm issues

1 files changed, 8 insertions, 7 deletions

diff --git a/articleenhancer/xpatharticleenhancer.php b/articleenhancer/xpatharticleenhancer.php
index 3edaad695..c80e0c92d 100644
--- a/articleenhancer/xpatharticleenhancer.php
+++ b/articleenhancer/xpatharticleenhancer.php
@@ -70,9 +70,9 @@ class XPathArticleEnhancer implements ArticleEnhancer {
 
 				$dom = new \DOMDocument();
 
-				$loadEntities = libxml_disable_entity_loader(true);
-				@$dom->loadHTML($body);
-				libxml_disable_entity_loader($loadEntities);
+				Security::scan($body, $dom, function ($xml, $dom) {
+					return @$dom->loadHTML($xml, LIBXML_NONET);
+				});
 
 				$xpath = new \DOMXpath($dom);
 				$xpathResult = $xpath->evaluate($search);
@@ -136,12 +136,13 @@ class XPathArticleEnhancer implements ArticleEnhancer {
 		$dom->preserveWhiteSpace = false;
 
 		// return, if xml is empty or loading the HTML fails
-		$loadEntities = libxml_disable_entity_loader(true);
-		if( trim($xmlString) == "" || !@$dom->loadHTML($xmlString) ) {
-			libxml_disable_entity_loader($loadEntities);
+		$isLoaded = Security::scan($xmlString, $dom, function ($xml, $dom) {
+			return @$dom->loadHTML($xml, LIBXML_NONET);
+		});
+
+		if( trim($xmlString) == "" || !$isLoaded ) {
 			return $xmlString;
 		}
-		libxml_disable_entity_loader($loadEntities);
 
 		// remove <!DOCTYPE
 		$dom->removeChild($dom->firstChild);