Domů Procházet Nápověda
Přihlásit se
LBP
/
FressRSS
zrcadlo https://github.com/FreshRSS/FreshRSS.git
4
0
Rozštěpit 0
Soubory Úkoly 0 Wiki
Procházet zdrojové kódy

HTML+XPath allow content as HTML (#4878)

* HTML+XPath allow content as HTML
#fix https://github.com/FreshRSS/FreshRSS/issues/4869

* Wrong variable reuse

* Allow both HTML and expressions
Alexandre Alapetite před 3 roky
rodič
9b674e7e93
revize
4bf678f8e4
1 změnil soubory, kde provedl 26 přidání a 3 odebrání
Jednotné zobrazení Ukázat statistiku rozdílových dat
  1. 26 3
      app/Models/Feed.php

+ 26 - 3
app/Models/Feed.php
Zobrazit soubor 

@@ -653,7 +653,23 @@ class FreshRSS_Feed extends Minz_Model {
 
 			foreach ($nodes as $node) {
 
 			foreach ($nodes as $node) {
 
 				$item = [];
 
 				$item = [];
 
 				$item['title'] = $xPathItemTitle == '' ? '' : @$xpath->evaluate('normalize-space(' . $xPathItemTitle . ')', $node);
 
 				$item['title'] = $xPathItemTitle == '' ? '' : @$xpath->evaluate('normalize-space(' . $xPathItemTitle . ')', $node);
 
-				$item['content'] = $xPathItemContent == '' ? '' : @$xpath->evaluate('normalize-space(' . $xPathItemContent . ')', $node);
 
+
 
+				$item['content'] = '';
 
+				if ($xPathItemContent != '') {
 
+					$result = @$xpath->evaluate($xPathItemContent, $node);
 
+					if ($result instanceof DOMNodeList) {
 
+						// List of nodes, save as HTML
 
+						$content = '';
 
+						foreach ($result as $child) {
 
+							$content .= $doc->saveHTML($child) . "\n";
 
+						}
 
+						$item['content'] = $content;
 
+					} else {
 
+						// Typed expression, save as-is
 
+						$item['content'] = strval($result);
 
+					}
 
+				}
 
+
 
 				$item['link'] = $xPathItemUri == '' ? '' : @$xpath->evaluate('normalize-space(' . $xPathItemUri . ')', $node);
 
 				$item['link'] = $xPathItemUri == '' ? '' : @$xpath->evaluate('normalize-space(' . $xPathItemUri . ')', $node);
 
 				$item['author'] = $xPathItemAuthor == '' ? '' : @$xpath->evaluate('normalize-space(' . $xPathItemAuthor . ')', $node);
 
 				$item['author'] = $xPathItemAuthor == '' ? '' : @$xpath->evaluate('normalize-space(' . $xPathItemAuthor . ')', $node);
 
 				$item['timestamp'] = $xPathItemTimestamp == '' ? '' : @$xpath->evaluate('normalize-space(' . $xPathItemTimestamp . ')', $node);
 
 				$item['timestamp'] = $xPathItemTimestamp == '' ? '' : @$xpath->evaluate('normalize-space(' . $xPathItemTimestamp . ')', $node);
 
@@ -679,8 +695,15 @@ class FreshRSS_Feed extends Minz_Model {
 
 					$item['guid'] = 'urn:sha1:' . sha1($item['title'] . $item['content'] . $item['link']);
 
 					$item['guid'] = 'urn:sha1:' . sha1($item['title'] . $item['content'] . $item['link']);
 
 				}
 
 				}
 
 
 
-				if ($item['title'] . $item['content'] . $item['link'] != '') {
 
-					$item = Minz_Helper::htmlspecialchars_utf8($item);
 
+				if ($item['title'] != '' || $item['content'] != '' || $item['link'] != '') {
 
+					// HTML-encoding/escaping of the relevant fields (all except 'content')
 
+					foreach (['author', 'categories', 'guid', 'link', 'thumbnail', 'timestamp', 'title'] as $key) {
 
+						if (!empty($item[$key])) {
 
+							$item[$key] = Minz_Helper::htmlspecialchars_utf8($item[$key]);
 
+						}
 
+					}
 
+					// CDATA protection
 
+					$item['content'] = str_replace(']]>', ']]>', $item['content']);
 
 					$view->entries[] = FreshRSS_Entry::fromArray($item);
 
 					$view->entries[] = FreshRSS_Entry::fromArray($item);
 
 				}
 
 				}
 
 			}
 
 			}