diff options
author | Bernhard Posselt <dev@bernhard-posselt.com> | 2015-02-24 09:31:49 +0100 |
---|---|---|
committer | Bernhard Posselt <dev@bernhard-posselt.com> | 2015-02-24 09:31:59 +0100 |
commit | 3195dfe402da058bf2c1a91f7d1331bf42ee2973 (patch) | |
tree | a797bde18cfcd5d3e5067ec2fe3b293c1f7f0647 /vendor/fguillot/picofeed/lib/PicoFeed/Filter | |
parent | 4ca9f79b1c4350ba31871074d889e01b55158294 (diff) |
update picofeed, fix #723
Diffstat (limited to 'vendor/fguillot/picofeed/lib/PicoFeed/Filter')
-rw-r--r-- | vendor/fguillot/picofeed/lib/PicoFeed/Filter/Html.php | 12 | ||||
-rw-r--r-- | vendor/fguillot/picofeed/lib/PicoFeed/Filter/Tag.php | 38 |
2 files changed, 49 insertions, 1 deletions
diff --git a/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Html.php b/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Html.php index 7d6880c69..4e046603f 100644 --- a/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Html.php +++ b/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Html.php @@ -121,6 +121,8 @@ class Html */ public function execute() { + $this->preFilter(); + $parser = xml_parser_create(); xml_set_object($parser, $this); @@ -136,6 +138,16 @@ class Html } /** + * Called before XML parsing + * + * @access public + */ + public function preFilter() + { + $this->input = $this->tag->removeBlacklistedTags($this->input); + } + + /** * Called after XML parsing * * @access public diff --git a/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Tag.php b/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Tag.php index 40f7c6c98..647b7352f 100644 --- a/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Tag.php +++ b/vendor/fguillot/picofeed/lib/PicoFeed/Filter/Tag.php @@ -2,6 +2,9 @@ namespace PicoFeed\Filter; +use DOMXpath; +use PicoFeed\Parser\XmlParser; + /** * Tag Filter class * @@ -11,6 +14,17 @@ namespace PicoFeed\Filter; class Tag { /** + * Tags blacklist (Xpath expressions) + * + * @access private + * @var array + */ + private $tag_blacklist = array( + '//script', + '//style', + ); + + /** * Tags whitelist * * @access private @@ -104,7 +118,7 @@ class Tag */ public function isSelfClosingTag($tag) { - return in_array($tag, array('br', 'img')); + return $tag === 'br' || $tag === 'img'; } /** @@ -135,6 +149,28 @@ class Tag } /** + * Remove script tags + * + * @access public + * @param string $data Input data + * @return string + */ + public function removeBlacklistedTags($data) + { + $dom = XmlParser::getDomDocument($data); + $xpath = new DOMXpath($dom); + + $nodes = $xpath->query(implode(' | ', $this->tag_blacklist)); + + foreach ($nodes as $node) { + $node->parentNode->removeChild($node); + } + + return $dom->saveXML(); + } + + + /** * Remove empty tags * * @access public |