Merge pull request #231 from Alkarex/patch-5

Filtrage des événements JavaScript
author: Alexandre Alapetite <alexandre@alapetite.fr> 2013-11-04 14:17:56 -0800
committer: Alexandre Alapetite <alexandre@alapetite.fr> 2013-11-04 14:17:56 -0800
commit: b23d66ec360208cf1e1d8ee2fc3bebf25997d9fa (patch)
tree: e7305280dc49ccd24d2e548d53561cf3f57851be /app
parent: 6f260570959d1e3521c55ed714af3b00e6795307 (diff)
parent: 8f7d9e12a00b47b6727113ef3519468193aba017 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/app/models/Feed.php b/app/models/Feed.php
index de5db3791..14eeb942a 100644
--- a/app/models/Feed.php
+++ b/app/models/Feed.php
@@ -198,6 +198,10 @@ class Feed extends Model {
 					'input', 'marquee', 'meta', 'noscript',
 					'param', 'script', 'style'
 				));
+				$feed->strip_attributes(array_merge($feed->strip_attributes, array(
+					'onload', 'onunload', 'onclick', 'ondblclick', 'onmousedown', 'onmouseup',
+					'onmouseover', 'onmousemove', 'onmouseout', 'onfocus', 'onblur',
+					'onkeypress', 'onkeydown', 'onkeyup', 'onselect', 'onchange')));
 				$feed->init ();
 
 				if ($feed->error ()) {
author	Alexandre Alapetite <alexandre@alapetite.fr>	2013-11-04 14:17:56 -0800
committer	Alexandre Alapetite <alexandre@alapetite.fr>	2013-11-04 14:17:56 -0800
commit	b23d66ec360208cf1e1d8ee2fc3bebf25997d9fa (patch)
tree	e7305280dc49ccd24d2e548d53561cf3f57851be /app
parent	6f260570959d1e3521c55ed714af3b00e6795307 (diff)
parent	8f7d9e12a00b47b6727113ef3519468193aba017 (diff)