refactor: general code base refactor (#2950)

* refactor * fix: bug in previous refactor * chore: exclude phpcompat sniff due to bug in phpcompat * fix: do not leak absolute paths * refactor/fix: batch extensions checking, fix DOS issue
2025-07-10 03:26:23 +02:00 · 2022-08-06 22:46:28 +02:00
parent b042412416
commit 2bbce8ebef
45 changed files with 679 additions and 827 deletions
--- a/lib/html.php
+++ b/lib/html.php
@ -98,6 +98,15 @@ function sanitize(
    return $htmlContent;
 }

+function sanitize_html(string $html): string
+{
+    $html = str_replace('<script', '<&zwnj;script', $html); // Disable scripts, but leave them visible.
+    $html = str_replace('<iframe', '<&zwnj;iframe', $html);
+    $html = str_replace('<link', '<&zwnj;link', $html);
+    // We leave alone object and embed so that videos can play in RSS readers.
+    return $html;
+}
+
 /**
 * Replace background by image
 *