Merge pull request #8075 from annando/html-escaping

Fix: removed unneeded HTML escaping
This commit is contained in:
Hypolite Petovan 2020-01-08 16:18:36 -05:00 committed by GitHub
commit b8f85f0484
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 5 additions and 3 deletions

View file

@ -336,8 +336,6 @@ class HTML
$message = html_entity_decode($message, ENT_QUOTES, 'UTF-8'); $message = html_entity_decode($message, ENT_QUOTES, 'UTF-8');
$message = str_replace(["<"], ["&lt;"], $message);
// remove quotes if they don't make sense // remove quotes if they don't make sense
$message = preg_replace('=\[/quote\][\s]*\[quote\]=i', "\n", $message); $message = preg_replace('=\[/quote\][\s]*\[quote\]=i', "\n", $message);

View file

@ -2365,7 +2365,7 @@ class DFRN
$item["body"] = XML::getFirstNodeValue($xpath, "dfrn:env/text()", $entry); $item["body"] = XML::getFirstNodeValue($xpath, "dfrn:env/text()", $entry);
$item["body"] = str_replace([' ',"\t","\r","\n"], ['','','',''], $item["body"]); $item["body"] = str_replace([' ',"\t","\r","\n"], ['','','',''], $item["body"]);
// make sure nobody is trying to sneak some html tags by us // make sure nobody is trying to sneak some html tags by us
$item["body"] = Strings::escapeTags(Strings::base64UrlDecode($item["body"])); $item["body"] = Strings::base64UrlDecode($item["body"]);
$item["body"] = BBCode::limitBodySize($item["body"]); $item["body"] = BBCode::limitBodySize($item["body"]);

View file

@ -58,6 +58,10 @@ class HTMLTest extends MockedTest
'expectedBBCode' => '[audio]http://www.cendrones.fr/colloque2017/jonathanbocquet.mp3[/audio]', 'expectedBBCode' => '[audio]http://www.cendrones.fr/colloque2017/jonathanbocquet.mp3[/audio]',
'html' => '<audio src="http://www.cendrones.fr/colloque2017/jonathanbocquet.mp3" controls="controls"><a href="http://www.cendrones.fr/colloque2017/jonathanbocquet.mp3">http://www.cendrones.fr/colloque2017/jonathanbocquet.mp3</a></audio>', 'html' => '<audio src="http://www.cendrones.fr/colloque2017/jonathanbocquet.mp3" controls="controls"><a href="http://www.cendrones.fr/colloque2017/jonathanbocquet.mp3">http://www.cendrones.fr/colloque2017/jonathanbocquet.mp3</a></audio>',
], ],
'bug-8075-html-tags' => [
'expectedBBCode' => "<big rant here> I don't understand tests",
'html' => "&lt;big rant here&gt; I don't understand tests",
],
]; ];
} }