diff options
| author | Bernhard Posselt <dev@bernhard-posselt.com> | 2014-10-04 11:14:59 +0200 |
|---|---|---|
| committer | Bernhard Posselt <dev@bernhard-posselt.com> | 2014-10-04 11:15:04 +0200 |
| commit | 9c5bd1784ccfff00c8031ff03446b4ad7c5131be (patch) | |
| tree | c48a02504ac5e3116f53eebfee1c31ae536a91a9 /utility | |
| parent | f8e11569ef99fa1daf15a337a4d0f0d0fcc51742 (diff) | |
zendxml for faviconfetcher
Diffstat (limited to 'utility')
| -rw-r--r-- | utility/faviconfetcher.php | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/utility/faviconfetcher.php b/utility/faviconfetcher.php index a4ae54a6e..e05a76319 100644 --- a/utility/faviconfetcher.php +++ b/utility/faviconfetcher.php @@ -78,14 +78,14 @@ class FaviconFetcher { /** @noinspection PhpUndefinedFieldInspection */ if($file->body !== '') { - $document = new \DOMDocument(); - /** @noinspection PhpUndefinedFieldInspection */ - $loadEntities = libxml_disable_entity_loader(true); - @$document->loadHTML($file->body, LIBXML_NONET); - libxml_disable_entity_loader($loadEntities); - - if($document) { - $xpath = new \DOMXpath($document); + $dom = new \DOMDocument(); + + $dom = Security::scan($file->body, $dom, function ($xml, $dom) { + return @$dom->loadHTML($xml, LIBXML_NONET); + }); + + if($dom) { + $xpath = new \DOMXpath($dom); $elements = $xpath->query("//link[contains(@rel, 'icon')]"); if ($elements->length > 0) { |