public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2025-12-13 19:05:55 +00:00
Code Issues Releases Wiki Activity

strip_harmful_tags: remove data- attributes

Browse Source
This commit is contained in:
Andrew Dolgov
2018-11-30 15:02:01 +03:00
parent 5f211e37a4
commit 50052fb78a
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
include/functions.php
View File

@@ -1761,6 +1761,10 @@
array_push($attrs_to_remove, $attr);
}
if (strpos($attr->nodeName, "data-") === 0) {
array_push($attrs_to_remove, $attr);
}
if ($attr->nodeName == 'href' && stripos($attr->value, 'javascript:') === 0) {
array_push($attrs_to_remove, $attr);
}