From c952256564c7a0aa4087bd103c3dc10b5de82a29 Mon Sep 17 00:00:00 2001
From: Inverle <inverle@proton.me>
Date: Thu, 31 Jul 2025 17:04:47 +0200
Subject: Strip more unsafe attributes e.g. `referrerpolicy` (#7770)

---
 lib/lib_rss.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/lib_rss.php b/lib/lib_rss.php
index 9fe884cc2..25405017a 100644
--- a/lib/lib_rss.php
+++ b/lib/lib_rss.php
@@ -348,7 +348,8 @@ function customSimplePie(array $attributes = [], array $curl_options = []): \Sim
 		'link', 'onblur', 'onchange', 'onclick', 'ondblclick', 'onfocus',
 		'onkeydown', 'onkeypress', 'onkeyup', 'onload', 'onmousedown', 'onmousemove',
 		'onmouseout', 'onmouseover', 'onmouseup', 'onselect', 'onunload',
-		'seamless', 'sizes', 'srcdoc', 'srcset', 'text', 'vlink',
+		'seamless', 'sizes', 'srcdoc', 'srcset', 'text', 'vlink', 'referrerpolicy', 'ping',
+		'target', 'rel', 'name', 'download', 'attributionsrc',
 	]));
 	$simplePie->add_attributes([
 		'audio' => ['controls' => 'controls', 'preload' => 'none'],
-- 
cgit v1.2.3