
Improved: Fetch articles with selector but do not delete the class attribute. (Simplepie: new method: rename_attribute) (#4175)

* added to simplepie: rename_attributes

* rename the class attribute

* Update lib/SimplePie/SimplePie/Sanitize.php

Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>

* added 'id' as attribute to rename to 'data-sanitized-id'

* Update lib_rss.php

* source code in sync with simplepie upstream

* fixed parameters

Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
maTh 4 years ago
parent
commit
cb36fe25a7
3 changed files with 56 additions and 0 deletions
  1. 16 0
      lib/SimplePie/SimplePie.php
  2. 39 0
      lib/SimplePie/SimplePie/Sanitize.php
  3. 1 0
      lib/lib_rss.php

+ 16 - 0
lib/SimplePie/SimplePie.php

@@ -656,6 +656,13 @@ class SimplePie
 	 */
 	public $strip_htmltags = array('base', 'blink', 'body', 'doctype', 'embed', 'font', 'form', 'frame', 'frameset', 'html', 'iframe', 'input', 'marquee', 'meta', 'noscript', 'object', 'param', 'script', 'style');
 
+	/**
+	 * @var array Stores the default tags to be stripped by rename_attributes().
+	 * @see SimplePie::rename_attributes()
+	 * @access private
+	 */
+	public $rename_attributes = array();
+
 	/**
 	 * @var bool Should we throw exceptions, or use the old-style error property?
 	 * @access private
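Review bot: The docblock on the new `$rename_attributes` property describes the wrong thing: it says "default tags to be stripped", but the property holds attribute names that `rename_attributes()` renames. The `@access private` tag also contradicts the `public` declaration, although that may be copied deliberately from the neighbouring docblocks. Suggested wording: `@var array Attribute names that rename_attributes() renames to data-sanitized-<name> by default.`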
@@ -1235,6 +1242,15 @@ class SimplePie
 		$this->sanitize->encode_instead_of_strip($enable);
 	}
 
+	public function rename_attributes($attribs = '')
+	{
+		if ($attribs === '')
+		{
+			$attribs = $this->rename_attributes;
+		}
+		$this->sanitize->rename_attributes($attribs);
+	}
+
 	public function strip_attributes($attribs = '')
 	{
 		if ($attribs === '')

+ 39 - 0
lib/SimplePie/SimplePie/Sanitize.php

@@ -61,6 +61,7 @@ class SimplePie_Sanitize
 	var $strip_htmltags = array('base', 'blink', 'body', 'doctype', 'embed', 'font', 'form', 'frame', 'frameset', 'html', 'iframe', 'input', 'marquee', 'meta', 'noscript', 'object', 'param', 'script', 'style');
 	var $encode_instead_of_strip = false;
 	var $strip_attributes = array('bgsound', 'expr', 'id', 'style', 'onclick', 'onerror', 'onfinish', 'onmouseover', 'onmouseout', 'onfocus', 'onblur', 'lowsrc', 'dynsrc');
+	var $rename_attributes = array();
 	var $add_attributes = array('audio' => array('preload' => 'none'), 'iframe' => array('sandbox' => 'allow-scripts allow-same-origin'), 'video' => array('preload' => 'none'));
 	var $strip_comments = false;
 	var $output_encoding = 'UTF-8';
@@ -169,6 +170,25 @@ class SimplePie_Sanitize
 		$this->encode_instead_of_strip = (bool) $encode;
 	}
 
+	public function rename_attributes($attribs = array())
+	{
+		if ($attribs)
+		{
+			if (is_array($attribs))
+			{
+				$this->rename_attributes = $attribs;
+			}
+			else
+			{
+				$this->rename_attributes = explode(',', $attribs);
+			}
+		}
+		else
+		{
+			$this->rename_attributes = false;
+		}
+	}
+
 	public function strip_attributes($attribs = array('bgsound', 'expr', 'id', 'style', 'onclick', 'onerror', 'onfinish', 'onmouseover', 'onmouseout', 'onfocus', 'onblur', 'lowsrc', 'dynsrc'))
 	{
 		if ($attribs)
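Review bot: The attribute names stored by the new `rename_attributes()` setter are never trimmed or validated, yet the `rename_attr()` hunk further down concatenates each one into `'//*[@' . $attrib . ']'` and into the new attribute name. A comma-separated string such as `'id, class'` yields `' class'`, and a name with characters outside a plain attribute name would presumably make `query()` fail or `setAttribute()` reject it. The only caller visible in this commit passes a literal array, so this is hardening for future callers rather than a live bug. I would normalise the list in the setter and keep only plain names, as below.

```php
	public function rename_attributes($attribs = array())
	{
		if (!is_array($attribs))
		{
			$attribs = explode(',', (string) $attribs);
		}

		$names = array();
		foreach ($attribs as $attrib)
		{
			$attrib = is_string($attrib) ? trim($attrib) : '';
			// Names end up inside an XPath expression and a new attribute name, so accept plain names only.
			if (preg_match('/^[A-Za-z_][A-Za-z0-9_.-]*$/', $attrib))
			{
				$names[] = $attrib;
			}
		}

		$this->rename_attributes = $names ? $names : false;
	}
```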
@@ -375,6 +395,14 @@ class SimplePie_Sanitize
 					}
 				}
 
+				if ($this->rename_attributes)
+				{
+					foreach ($this->rename_attributes as $attrib)
+					{
+						$this->rename_attr($attrib, $xpath);
+					}
+				}
+
 				if ($this->strip_attributes)
 				{
 					foreach ($this->strip_attributes as $attrib)
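Review bot: The new rename loop only has an effect because it runs before the `strip_attributes` loop directly below it, and nothing in the code says so. `lib/lib_rss.php` renames `id` and `class` while `class` is still in its strip list and `id` is in the sanitizer's default strip list, so swapping the two blocks would silently drop the values again. I would add a comment above the new block such as `// Rename before stripping: an attribute listed in both survives as data-sanitized-<name>.` The enclosing method starts and ends outside this hunk.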
@@ -643,6 +671,17 @@ class SimplePie_Sanitize
 		}
 	}
 
+	protected function rename_attr($attrib, $xpath)
+	{
+		$elements = $xpath->query('//*[@' . $attrib . ']');
+
+		foreach ($elements as $element)
+		{
+			$element->setAttribute('data-sanitized-' . $attrib, $element->getAttribute($attrib));
+			$element->removeAttribute($attrib);
+		}
+	}
+
 	protected function add_attr($tag, $valuePairs, $document)
 	{
 		$elements = $document->getElementsByTagName($tag);
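Review bot: `rename_attr()` has no docblock, and the `data-sanitized-` prefix reads as if the value had been cleaned, while `getAttribute($attrib)` is copied across unchanged. The value is still feed-controlled; only the attribute name changes, so it no longer matches the application's own `id`/`class` selectors. I would add a docblock stating that the method moves the value verbatim to `data-sanitized-<name>` and that any script or stylesheet consuming those attributes has to treat them as untrusted input. A feed can presumably also supply a `data-sanitized-*` attribute directly, so the prefix is no proof that the sanitizer wrote it.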

+ 1 - 0
lib/lib_rss.php

@@ -247,6 +247,7 @@ function customSimplePie($attributes = array()) {
 		'object', 'param', 'plaintext', 'script', 'style',
 		'svg',	//TODO: Support SVG after sanitizing and URL rewriting of xlink:href
 	));
+	$simplePie->rename_attributes(array('id', 'class'));
 	$simplePie->strip_attributes(array_merge($simplePie->strip_attributes, array(
 		'autoplay', 'class', 'onload', 'onunload', 'onclick', 'ondblclick', 'onmousedown', 'onmouseup',
 		'onmouseover', 'onmousemove', 'onmouseout', 'onfocus', 'onblur',