diff options
| author | Nicolas LÅ“uillet <nicolas@loeuillet.org> | 2014-04-11 16:56:59 +0200 |
|---|---|---|
| committer | Nicolas LÅ“uillet <nicolas@loeuillet.org> | 2014-04-11 16:56:59 +0200 |
| commit | f09d76b0ea22ef506c9ea22672638e0a33949510 (patch) | |
| tree | c207e7071ee61772c54758e7079071da130d9455 /inc/poche/Poche.class.php | |
| parent | 389d751e920f39cd72df8d8ae03028238d0289d6 (diff) | |
| parent | 0f859c6f321af6dfaea66e04cde705ba97e6b5be (diff) | |
| download | wallabag-f09d76b0ea22ef506c9ea22672638e0a33949510.tar.gz wallabag-f09d76b0ea22ef506c9ea22672638e0a33949510.tar.zst wallabag-f09d76b0ea22ef506c9ea22672638e0a33949510.zip | |
Merge pull request #633 from mariroz/dev
error with empty content by import fixed. Also youtube and vimeo videos are allowd in content now.
Diffstat (limited to 'inc/poche/Poche.class.php')
| -rwxr-xr-x | inc/poche/Poche.class.php | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php index 3a4e78d6..811895dc 100755 --- a/inc/poche/Poche.class.php +++ b/inc/poche/Poche.class.php | |||
| @@ -373,9 +373,7 @@ class Poche | |||
| 373 | $body = $content['rss']['channel']['item']['description']; | 373 | $body = $content['rss']['channel']['item']['description']; |
| 374 | 374 | ||
| 375 | // clean content from prevent xss attack | 375 | // clean content from prevent xss attack |
| 376 | $config = HTMLPurifier_Config::createDefault(); | 376 | $purifier = $this->getPurifier(); |
| 377 | $config->set('Cache.SerializerPath', CACHE); | ||
| 378 | $purifier = new HTMLPurifier($config); | ||
| 379 | $title = $purifier->purify($title); | 377 | $title = $purifier->purify($title); |
| 380 | $body = $purifier->purify($body); | 378 | $body = $purifier->purify($body); |
| 381 | 379 | ||
| @@ -920,9 +918,7 @@ class Poche | |||
| 920 | Tools::logm('Fetching next batch of articles...'); | 918 | Tools::logm('Fetching next batch of articles...'); |
| 921 | $items = $this->store->retrieveUnfetchedEntries($this->user->getId(), IMPORT_LIMIT); | 919 | $items = $this->store->retrieveUnfetchedEntries($this->user->getId(), IMPORT_LIMIT); |
| 922 | 920 | ||
| 923 | $config = HTMLPurifier_Config::createDefault(); | 921 | $purifier = $this->getPurifier(); |
| 924 | $config->set('Cache.SerializerPath', CACHE); | ||
| 925 | $purifier = new HTMLPurifier($config); | ||
| 926 | 922 | ||
| 927 | foreach ($items as $item) { | 923 | foreach ($items as $item) { |
| 928 | $url = new Url(base64_encode($item['url'])); | 924 | $url = new Url(base64_encode($item['url'])); |
| @@ -1064,4 +1060,16 @@ class Poche | |||
| 1064 | $this->messages->add('s', _('Cache deleted.')); | 1060 | $this->messages->add('s', _('Cache deleted.')); |
| 1065 | Tools::redirect(); | 1061 | Tools::redirect(); |
| 1066 | } | 1062 | } |
| 1063 | |||
| 1064 | /** | ||
| 1065 | * return new purifier object with actual config | ||
| 1066 | */ | ||
| 1067 | protected function getPurifier() { | ||
| 1068 | $config = HTMLPurifier_Config::createDefault(); | ||
| 1069 | $config->set('Cache.SerializerPath', CACHE); | ||
| 1070 | $config->set('HTML.SafeIframe', true); | ||
| 1071 | $config->set('URI.SafeIframeRegexp', '%^(https?:)?//(www\.youtube(?:-nocookie)?\.com/embed/|player\.vimeo\.com/video/)%'); //allow YouTube and Vimeo$purifier = new HTMLPurifier($config); | ||
| 1072 | |||
| 1073 | return new HTMLPurifier($config); | ||
| 1074 | } | ||
| 1067 | } | 1075 | } |