From 5f45df3168d7733c401c13d12f97ff8030211f0a Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Fri, 23 May 2025 22:12:05 +0200
Subject: Strip more styles attributes (#7606)

Strip `bgcolor`, `text`, `background`, `link`, `alink`, `vlink`
fix https://github.com/FreshRSS/FreshRSS/issues/7604
---
 lib/lib_rss.php | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/lib/lib_rss.php b/lib/lib_rss.php
index 682b1365d..bcd8e51b0 100644
--- a/lib/lib_rss.php
+++ b/lib/lib_rss.php
@@ -344,10 +344,12 @@ function customSimplePie(array $attributes = [], array $curl_options = []): \Sim
 	]);
 	$simplePie->rename_attributes(['id', 'class']);
 	$simplePie->strip_attributes(array_merge($simplePie->strip_attributes, [
-		'autoplay', 'class', 'form', 'formaction',
-		'onload', 'onunload', 'onclick', 'ondblclick', 'onmousedown', 'onmouseup',
-		'onmouseover', 'onmousemove', 'onmouseout', 'onfocus', 'onblur',
-		'onkeypress', 'onkeydown', 'onkeyup', 'onselect', 'onchange', 'seamless', 'sizes', 'srcdoc', 'srcset']));
+		'alink', 'autoplay', 'background', 'bgcolor', 'class', 'form', 'formaction',
+		'link', 'onblur', 'onchange', 'onclick', 'ondblclick', 'onfocus',
+		'onkeydown', 'onkeypress', 'onkeyup', 'onload', 'onmousedown', 'onmousemove',
+		'onmouseout', 'onmouseover', 'onmouseup', 'onselect', 'onunload',
+		'seamless', 'sizes', 'srcdoc', 'srcset', 'text', 'vlink',
+	]));
 	$simplePie->add_attributes([
 		'audio' => ['controls' => 'controls', 'preload' => 'none'],
 		'iframe' => [
-- 
cgit v1.2.3