diff options
author | Bernhard Posselt <nukeawhale@gmail.com> | 2013-05-04 00:15:41 +0200 |
---|---|---|
committer | Bernhard Posselt <nukeawhale@gmail.com> | 2013-05-04 00:15:41 +0200 |
commit | 10831dd274ff65d4852b47dbc398adae61845206 (patch) | |
tree | 9f9397bb7433fd53bfacf88d8c8b3cf2ef50e27d /dependencyinjection | |
parent | 7b628a3e4d105f2e571d0fe142d59f201d6a10d0 (diff) |
use html purifier for sanitation
Diffstat (limited to 'dependencyinjection')
-rw-r--r-- | dependencyinjection/dicontainer.php | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/dependencyinjection/dicontainer.php b/dependencyinjection/dicontainer.php index e6a137853..b1f8855ca 100644 --- a/dependencyinjection/dicontainer.php +++ b/dependencyinjection/dicontainer.php @@ -55,6 +55,8 @@ use \OCA\News\Utility\OPMLExporter; use \OCA\News\Utility\ImportParser; +require_once __DIR__ . '/../3rdparty/htmlpurifier/library/HTMLPurifier.auto.php'; + class DIContainer extends BaseContainer { @@ -72,14 +74,27 @@ class DIContainer extends BaseContainer { $this['simplePieCacheDuration'] = 30*60; // seconds $this['simplePieCacheDirectory'] = $this->share(function($c) { - $dir = $c['API']->getSystemValue('datadirectory') . + $directory = $c['API']->getSystemValue('datadirectory') . '/news/cache/simplepie'; - if(!is_dir($dir)) { - mkdir($dir, 0770, true); + if(!is_dir($directory)) { + mkdir($directory, 0770, true); + } + return $directory; + + }); + + $this['HTMLPurifier'] = $this->share(function($c) { + $directory = $c['API']->getSystemValue('datadirectory') . + '/news/cache/purifier'; + + if(!is_dir($directory)) { + mkdir($directory, 0770, true); } - return $dir; + $config = \HTMLPurifier_Config::createDefault(); + $config->set('Cache.SerializerPath', $directory); + return new \HTMLPurifier($config); }); @@ -199,7 +214,8 @@ class DIContainer extends BaseContainer { $c['FaviconFetcher'], $c['TimeFactory'], $c['simplePieCacheDirectory'], - $c['simplePieCacheDuration']); + $c['simplePieCacheDuration'], + $c['HTMLPurifier']); }); $this['TwitterFetcher'] = $this->share(function($c){ |