From f8e11569ef99fa1daf15a337a4d0f0d0fcc51742 Mon Sep 17 00:00:00 2001
From: Bernhard Posselt <dev@bernhard-posselt.com>
Date: Sat, 4 Oct 2014 11:12:59 +0200
Subject: zendxml for global enhancer

---
 articleenhancer/globalarticleenhancer.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'articleenhancer')

diff --git a/articleenhancer/globalarticleenhancer.php b/articleenhancer/globalarticleenhancer.php
index 7d8385db2..14f92182d 100644
--- a/articleenhancer/globalarticleenhancer.php
+++ b/articleenhancer/globalarticleenhancer.php
@@ -32,10 +32,10 @@ class GlobalArticleEnhancer implements ArticleEnhancer {
 		// inside <p> tags
 		$body = '<div>' . $item->getBody() . '</div>';
 
-		$loadEntities = libxml_disable_entity_loader(true);
-		@$dom->loadHTML($body, LIBXML_HTML_NOIMPLIED | LIBXML_HTML_NODEFDTD
-			| LIBXML_NONET);
-		libxml_disable_entity_loader($loadEntities);
+		$dom = Security::scan($body, $dom, function ($xml, $dom) {
+			return @$dom->loadHTML($xml, LIBXML_HTML_NOIMPLIED
+				| LIBXML_HTML_NODEFDTD | LIBXML_NONET);
+		});
 
 		$xpath = new \DOMXpath($dom);
 
-- 
cgit v1.2.3