diff options
Diffstat (limited to 'lib/lib_rss.php')
| -rw-r--r-- | lib/lib_rss.php | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 4087f6faf..333920c8c 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -102,6 +102,23 @@ function safe_ascii($text) { return filter_var($text, FILTER_DEFAULT, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH); } +function escapeToUnicodeAlternative($text, $extended = true) { + $text = htmlspecialchars_decode($text, ENT_QUOTES); + + //Problematic characters + $problem = array('&', '<', '>'); + //Use their fullwidth Unicode form instead: + $replace = array('&', '<', '>'); + + // https://raw.githubusercontent.com/mihaip/google-reader-api/master/wiki/StreamId.wiki + if ($extended) { + $problem += array("'", '"', '^', '?', '\\', '/', ',', ';'); + $replace += array("’", '"', '^', '?', '\', '/', ',', ';'); + } + + return trim(str_replace($problem, $replace, $text)); +} + /** * Test if a given server address is publicly accessible. * @@ -209,6 +226,7 @@ function customSimplePie($attributes = array()) { 'font', 'form', 'frame', 'frameset', 'html', 'link', 'input', 'marquee', 'meta', 'noscript', 'object', 'param', 'plaintext', 'script', 'style', + 'svg', //TODO: Support SVG after sanitizing and URL rewriting of xlink:href )); $simplePie->strip_attributes(array_merge($simplePie->strip_attributes, array( 'autoplay', 'class', 'onload', 'onunload', 'onclick', 'ondblclick', 'onmousedown', 'onmouseup', |