diff options
| author |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2018-12-22 13:22:20 +0100 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2018-12-22 13:22:20 +0100 |
| commit | f0a359619fa2936d66a2b96dd086d4686e7405fa (patch) | |
| tree | ddad42a7f6813bd458f39d5203d083daad4cc1c5 /lib/lib_rss.php | |
| parent | e04804d0f67dd43fd3f072b9a127768ee7b7b56c (diff) | |
| parent | 4a1a852f457d52fa47191e3f7e3e9073e1324cd9 (diff) | |
Merge pull request #2186 from FreshRSS/dev1.13.0
FreshRSS 1.13.0
Diffstat (limited to 'lib/lib_rss.php')
| -rw-r--r-- | lib/lib_rss.php | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 4087f6faf..333920c8c 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -102,6 +102,23 @@ function safe_ascii($text) { return filter_var($text, FILTER_DEFAULT, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH); } +function escapeToUnicodeAlternative($text, $extended = true) { + $text = htmlspecialchars_decode($text, ENT_QUOTES); + + //Problematic characters + $problem = array('&', '<', '>'); + //Use their fullwidth Unicode form instead: + $replace = array('&', '<', '>'); + + // https://raw.githubusercontent.com/mihaip/google-reader-api/master/wiki/StreamId.wiki + if ($extended) { + $problem += array("'", '"', '^', '?', '\\', '/', ',', ';'); + $replace += array("’", '"', '^', '?', '\', '/', ',', ';'); + } + + return trim(str_replace($problem, $replace, $text)); +} + /** * Test if a given server address is publicly accessible. * @@ -209,6 +226,7 @@ function customSimplePie($attributes = array()) { 'font', 'form', 'frame', 'frameset', 'html', 'link', 'input', 'marquee', 'meta', 'noscript', 'object', 'param', 'plaintext', 'script', 'style', + 'svg', //TODO: Support SVG after sanitizing and URL rewriting of xlink:href )); $simplePie->strip_attributes(array_merge($simplePie->strip_attributes, array( 'autoplay', 'class', 'onload', 'onunload', 'onclick', 'ondblclick', 'onmousedown', 'onmouseup', |