Diffstat (limited to 'utility')
-rw-r--r--utility/feedfetcher.php8
1 files changed, 6 insertions, 2 deletions
diff --git a/utility/feedfetcher.php b/utility/feedfetcher.php
index e153669ac..0083f1969 100644
--- a/utility/feedfetcher.php
+++ b/utility/feedfetcher.php
@@ -42,19 +42,22 @@ class FeedFetcher implements IFeedFetcher {
private $faviconFetcher;
private $simplePieFactory;
private $time;
+ private $purifier;
public function __construct(API $api,
SimplePieAPIFactory $simplePieFactory,
FaviconFetcher $faviconFetcher,
TimeFactory $time,
$cacheDirectory,
- $cacheDuration){
+ $cacheDuration,
+ $purifier){
$this->api = $api;
$this->cacheDirectory = $cacheDirectory;
$this->cacheDuration = $cacheDuration;
$this->faviconFetcher = $faviconFetcher;
$this->simplePieFactory = $simplePieFactory;
$this->time = $time;
+ $this->purifier = $purifier;
}
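Review bot: `$purifier` is added to the constructor without a type declaration or any documentation, although the second hunk depends on it exposing `purify()` and makes it the only sanitization step for feed HTML. A type hint (the purifier class or a small interface), or at least a docblock line such as `@param object $purifier HTML sanitizer exposing purify(string $html): string, must not be null`, would make a mis-wired dependency fail at construction rather than on the first fetched item. The parameter is required and positional, so every place that builds `FeedFetcher` has to pass it; those call sites are not visible in this diff.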
@@ -116,7 +119,8 @@ class FeedFetcher implements IFeedFetcher {
$item->setGuid($guid);
$item->setGuidHash(md5($guid));
$item->setBody(str_replace('<a', '<a target="_blank"',
- $simplePieItem->get_content()));
+ // escape XSS
+ $this->purifier->purify($simplePieItem->get_content())));
$item->setPubDate($simplePieItem->get_date('U'));
$item->setLastModified($this->time->getTime());
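Review bot: The `str_replace('<a', '<a target="_blank"', …)` wrapper now runs on the purifier's output, so the stored body is no longer exactly what the sanitizer produced. The substring match also rewrites any other tag that begins with `<a` (for example `<abbr>` or `<address>`, if the purifier's allow-list keeps them), and it adds a second `target` to anchors that already carry one. The injected `target="_blank"` comes without `rel="noopener noreferrer"`, so a linked page opened from an article keeps a `window.opener` handle on the reader. If `$this->purifier` is HTML Purifier, its `HTML.TargetBlank` setting (plus `HTML.TargetNoopener` / `HTML.TargetNoreferrer` where the installed version has them) lets the sanitizer emit these attributes itself and the call shrinks to `$item->setBody($this->purifier->purify($simplePieItem->get_content()));`. The comment would also read more accurately as `// sanitize untrusted feed HTML before storing it`; the enclosing method starts and ends outside the hunk.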