bitPickups/friendica_2019-12_sharedHosting_hotFix
1
1
Fork 0
Code Pull requests Activity

Merge pull request #8075 from annando/html-escaping

Browse source 
Fix: removed unneeded HTML escaping
This commit is contained in:
Hypolite Petovan 2020-01-08 16:18:36 -05:00 committed by GitHub
commit b8f85f0484
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 5 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/Content/Text/HTML.php
View file

@ -336,8 +336,6 @@ class HTML
$message = html_entity_decode($message, ENT_QUOTES, 'UTF-8');
$message = str_replace(["<"], ["&lt;"], $message);
// remove quotes if they don't make sense
$message = preg_replace('=\[/quote\][\s]*\[quote\]=i', "\n", $message);

2
src/Protocol/DFRN.php
View file

@ -2365,7 +2365,7 @@ class DFRN
$item["body"] = XML::getFirstNodeValue($xpath, "dfrn:env/text()", $entry);
$item["body"] = str_replace([' ',"\t","\r","\n"], ['','','',''], $item["body"]);
// make sure nobody is trying to sneak some html tags by us
$item["body"] = Strings::escapeTags(Strings::base64UrlDecode($item["body"]));
$item["body"] = Strings::base64UrlDecode($item["body"]);
$item["body"] = BBCode::limitBodySize($item["body"]);