friendica
/
friendica
mirror of https://github.com/friendica/friendica
6
0
Fork 1
Code Issues Packages Projects Releases 1 Wiki Activity

Merge pull request #7944 from MrPetovan/bug/4451-escape-bbcode-blocks-autolinker 

Escape potential URL-containing BBCodes before running autolinker
This commit is contained in:
Michael Vogel 2019-12-13 21:10:57 +01:00 committed by GitHub
parent 8f58d2d84e e1583123b4
commit 6ca38bac9f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/Content/Text/BBCode.php
View File

@ -1507,8 +1507,29 @@ class BBCode extends BaseObject
$text = str_replace('[hr]', '<hr />', $text);
if (!$for_plaintext) {
$escaped = [];
// Escaping BBCodes susceptible to contain rogue URL we don'' want the autolinker to catch
$text = preg_replace_callback('#\[(url|img|audio|video|youtube|vimeo|share|attachment|iframe|bookmark).+?\[/\1\]#ism',
function ($matches) use (&$escaped) {
$return = '{escaped-' . count($escaped) . '}';
$escaped[] = $matches[0];
return $return;
},
$text
);
// Autolinker for isolated URLs
$text = preg_replace(Strings::autoLinkRegEx(), '[url]$1[/url]', $text);
// Restoring escaped blocks
$text = preg_replace_callback('/{escaped-([0-9]+)}/iU',
function ($matches) use ($escaped) {
return $escaped[intval($matches[1])] ?? $matches[0];
},
$text
);
}
// This is actually executed in Item::prepareBody()