| author | 2025-04-06 00:47:45 +0200 | |
|---|---|---|
| committer | 2025-04-06 00:47:45 +0200 | |
| commit | 54e2f9107d03c5b3bb260f38fdb2736bce449fd4 (patch) | |
| tree | 75a1735e7761f0aca6d7d7084443c013aad9efdf | |
| parent | d858053a7c70b3fee0fe407420ff8bd1466d5de2 (diff) | |
Disallow iframe srcdoc for now (#7494)
We do not sanitize this attribute well enough, so it is stripped for now.
It is rarely used: I have not seen any use of it in any of my many test feeds.
Can be added back when we can handle its inherent security issues better.
| -rw-r--r-- | lib/lib_rss.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/lib_rss.php b/lib/lib_rss.php
index b53838410..7e7dd4790 100644
--- a/lib/lib_rss.php
+++ b/lib/lib_rss.php
@@ -350,7 +350,7 @@ function customSimplePie(array $attributes = [], array $curl_options = []): \Sim
 $simplePie->strip_attributes(array_merge($simplePie->strip_attributes, [
 'autoplay', 'class', 'onload', 'onunload', 'onclick', 'ondblclick', 'onmousedown', 'onmouseup', 'onmouseover', 'onmousemove', 'onmouseout', 'onfocus', 'onblur',
-'onkeypress', 'onkeydown', 'onkeyup', 'onselect', 'onchange', 'seamless', 'sizes', 'srcset']));
+'onkeypress', 'onkeydown', 'onkeyup', 'onselect', 'onchange', 'seamless', 'sizes', 'srcdoc', 'srcset']));
 $simplePie->add_attributes([
 'audio' => ['controls' => 'controls', 'preload' => 'none'],
 'iframe' => [
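Review bot: The new `'srcdoc'` entry in the strip list carries no comment saying why it is there, so a later cleanup of this list could restore it without noticing the risk; the reasoning from the commit message belongs next to the code, e.g. `// 'srcdoc' holds a complete inline HTML document that the sanitizer does not inspect; stripped until it can be sanitized (#7494)`. Stripping the attribute globally rather than only on `iframe` looks intentional and is the safer default, since the same inline-document semantics would apply wherever a consumer honours it. A small regression test that runs an `<iframe srcdoc="…">` sample through customSimplePie and asserts the attribute is absent from the output would pin the behaviour, assuming the project has a harness for feed fixtures. customSimplePie begins and ends outside the hunk, so the surrounding `add_attributes` configuration for iframe could not be reviewed here.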
