update picofeed, fix #723

author: Bernhard Posselt <dev@bernhard-posselt.com> 2015-02-24 09:31:49 +0100
committer: Bernhard Posselt <dev@bernhard-posselt.com> 2015-02-24 09:31:59 +0100
commit: 3195dfe402da058bf2c1a91f7d1331bf42ee2973 (patch)
tree: a797bde18cfcd5d3e5067ec2fe3b293c1f7f0647 /vendor/fguillot/picofeed/lib/PicoFeed/Filter
parent: 4ca9f79b1c4350ba31871074d889e01b55158294 (diff)
2 files changed, 49 insertions, 1 deletions
diff --git a/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Html.php b/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Html.php
index 7d6880c69..4e046603f 100644
--- a/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Html.php
+++ b/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Html.php
@@ -121,6 +121,8 @@ class Html
      */
     public function execute()
     {
+        $this->preFilter();
+
         $parser = xml_parser_create();
 
         xml_set_object($parser, $this);
@@ -136,6 +138,16 @@ class Html
     }
 
     /**
+     * Called before XML parsing
+     *
+     * @access public
+     */
+    public function preFilter()
+    {
+        $this->input = $this->tag->removeBlacklistedTags($this->input);
+    }
+
+    /**
      * Called after XML parsing
      *
      * @access public
diff --git a/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Tag.php b/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Tag.php
index 40f7c6c98..647b7352f 100644
--- a/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Tag.php
+++ b/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Tag.php
@@ -2,6 +2,9 @@
 
 namespace PicoFeed\Filter;
 
+use DOMXpath;
+use PicoFeed\Parser\XmlParser;
+
 /**
  * Tag Filter class
  *
@@ -11,6 +14,17 @@ namespace PicoFeed\Filter;
 class Tag
 {
     /**
+     * Tags blacklist (Xpath expressions)
+     *
+     * @access private
+     * @var array
+     */
+    private $tag_blacklist = array(
+        '//script',
+        '//style',
+    );
+
+    /**
      * Tags whitelist
      *
      * @access private
@@ -104,7 +118,7 @@ class Tag
      */
     public function isSelfClosingTag($tag)
     {
-        return in_array($tag, array('br', 'img'));
+        return $tag === 'br' || $tag === 'img';
     }
 
     /**
@@ -135,6 +149,28 @@ class Tag
     }
 
     /**
+     * Remove script tags
+     *
+     * @access public
+     * @param  string  $data  Input data
+     * @return string
+     */
+    public function removeBlacklistedTags($data)
+    {
+        $dom = XmlParser::getDomDocument($data);
+        $xpath = new DOMXpath($dom);
+
+        $nodes = $xpath->query(implode(' | ', $this->tag_blacklist));
+
+        foreach ($nodes as $node) {
+            $node->parentNode->removeChild($node);
+        }
+
+        return $dom->saveXML();
+    }
+
+
+    /**
      * Remove empty tags
      *
      * @access public
author	Bernhard Posselt <dev@bernhard-posselt.com>	2015-02-24 09:31:49 +0100
committer	Bernhard Posselt <dev@bernhard-posselt.com>	2015-02-24 09:31:59 +0100
commit	3195dfe402da058bf2c1a91f7d1331bf42ee2973 (patch)
tree	a797bde18cfcd5d3e5067ec2fe3b293c1f7f0647 /vendor/fguillot/picofeed/lib/PicoFeed/Filter
parent	4ca9f79b1c4350ba31871074d889e01b55158294 (diff)