diff options
Diffstat (limited to 'articleenhancer')
-rw-r--r-- | articleenhancer/globalarticleenhancer.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/articleenhancer/globalarticleenhancer.php b/articleenhancer/globalarticleenhancer.php index 7d8385db2..14f92182d 100644 --- a/articleenhancer/globalarticleenhancer.php +++ b/articleenhancer/globalarticleenhancer.php @@ -32,10 +32,10 @@ class GlobalArticleEnhancer implements ArticleEnhancer { // inside <p> tags $body = '<div>' . $item->getBody() . '</div>'; - $loadEntities = libxml_disable_entity_loader(true); - @$dom->loadHTML($body, LIBXML_HTML_NOIMPLIED | LIBXML_HTML_NODEFDTD - | LIBXML_NONET); - libxml_disable_entity_loader($loadEntities); + $dom = Security::scan($body, $dom, function ($xml, $dom) { + return @$dom->loadHTML($xml, LIBXML_HTML_NOIMPLIED + | LIBXML_HTML_NODEFDTD | LIBXML_NONET); + }); $xpath = new \DOMXpath($dom); |