public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2025-12-13 23:25:56 +00:00
Code Issues Releases Wiki Activity

sanitize: handle picture[@srcset] elements properly, i.e. rewrite relative URLs

Browse Source
This commit is contained in:
Andrew Dolgov
2020-04-29 19:02:44 +03:00
parent 4a00f96733
commit 83c8834421
1 changed files with 17 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
include/functions.php
View File

@@ -1264,7 +1264,7 @@
$rewrite_base_url = $site_url ? $site_url : get_self_url_prefix(); $rewrite_base_url = $site_url ? $site_url : get_self_url_prefix();
$entries = $xpath->query('(//a[@href]|//img[@src]|//video/source[@src]|//audio/source[@src]|//picture/source[@src])'); $entries = $xpath->query('(//a[@href]|//img[@src]|//video/source[@src]|//audio/source[@src]|//picture/source[@src]|//picture/source[@srcset])');
foreach ($entries as $entry) { foreach ($entries as $entry) {
@@ -1303,6 +1303,22 @@
} }
} }
if ($entry->hasAttribute('srcset')) {
$tokens = explode(",", $entry->getAttribute('srcset'));
for ($i = 0; $i < count($tokens); $i++) {
$token = trim($tokens[$i]);
list ($url, $width) = explode(" ", $token, 2);
$url = rewrite_relative_url($rewrite_base_url, $url);
$tokens[$i] = "$url $width";
}
$entry->setAttribute("srcset", implode(", ", $tokens));
}
if ($entry->hasAttribute('src') && if ($entry->hasAttribute('src') &&
($owner && get_pref("STRIP_IMAGES", $owner)) || $force_remove_images || $_SESSION["bw_limit"]) { ($owner && get_pref("STRIP_IMAGES", $owner)) || $force_remove_images || $_SESSION["bw_limit"]) {