Fix sanitize feed description (#3222)

* Fix sanitize feed description #fix https://github.com/FreshRSS/FreshRSS/issues/3221 * Simplification
author: Alexandre Alapetite <alexandre@alapetite.fr> 2020-10-11 13:32:23 +0200
committer: GitHub <noreply@github.com> 2020-10-11 13:32:23 +0200
commit: f33e2611632bf6f28948a9351dbd4e981643e4cc (patch)
tree: 68f7bbd9fd05a3b8947ef3015c24d831aa110532 /lib/lib_rss.php
parent: 191cda42e6b0fde9959b832d24b23ee0bf82c7ed (diff)
1 files changed, 12 insertions, 3 deletions
diff --git a/lib/lib_rss.php b/lib/lib_rss.php
index 5c0a8a2bf..64f12c633 100644
--- a/lib/lib_rss.php
+++ b/lib/lib_rss.php
@@ -241,16 +241,25 @@ function customSimplePie($attributes = array()) {
 	return $simplePie;
 }
 
-function sanitizeHTML($data, $base = '') {
-	if (!is_string($data)) {
+function sanitizeHTML($data, $base = '', $maxLength = false) {
+	if (!is_string($data) || ($maxLength !== false && $maxLength <= 0)) {
 		return '';
 	}
+	if ($maxLength !== false) {
+		$data = mb_strcut($data, 0, $maxLength, 'UTF-8');
+	}
 	static $simplePie = null;
 	if ($simplePie == null) {
 		$simplePie = customSimplePie();
 		$simplePie->init();
 	}
-	return html_only_entity_decode($simplePie->sanitize->sanitize($data, SIMPLEPIE_CONSTRUCT_HTML, $base));
+	$result = html_only_entity_decode($simplePie->sanitize->sanitize($data, SIMPLEPIE_CONSTRUCT_HTML, $base));
+	if ($maxLength !== false && strlen($result) > $maxLength) {
+		//Sanitizing has made the result too long so try again shorter
+		$data = mb_strcut($result, 0, (2 * $maxLength) - strlen($result) - 2, 'UTF-8');
+		return sanitizeHTML($data, $base, $maxLength);
+	}
+	return $result;
 }
 
 /**
author	Alexandre Alapetite <alexandre@alapetite.fr>	2020-10-11 13:32:23 +0200
committer	GitHub <noreply@github.com>	2020-10-11 13:32:23 +0200
commit	f33e2611632bf6f28948a9351dbd4e981643e4cc (patch)
tree	68f7bbd9fd05a3b8947ef3015c24d831aa110532 /lib/lib_rss.php
parent	191cda42e6b0fde9959b832d24b23ee0bf82c7ed (diff)