Merge pull request #8463 from annando/issue-8299

Issue 8299: Don't manipulate DFRN content upon receiving
This commit is contained in:
Hypolite Petovan 2020-03-28 23:18:44 -04:00 committed by GitHub
commit 9fd23c407b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -2369,32 +2369,11 @@ class DFRN
$item["body"] = XML::getFirstNodeValue($xpath, "dfrn:env/text()", $entry); $item["body"] = XML::getFirstNodeValue($xpath, "dfrn:env/text()", $entry);
$item["body"] = str_replace([' ',"\t","\r","\n"], ['','','',''], $item["body"]); $item["body"] = str_replace([' ',"\t","\r","\n"], ['','','',''], $item["body"]);
// make sure nobody is trying to sneak some html tags by us
$item["body"] = Strings::base64UrlDecode($item["body"]); $item["body"] = Strings::base64UrlDecode($item["body"]);
$item["body"] = BBCode::limitBodySize($item["body"]); $item["body"] = BBCode::limitBodySize($item["body"]);
/// @todo Do we really need this check for HTML elements? (It was copied from the old function)
if ((strpos($item['body'], '<') !== false) && (strpos($item['body'], '>') !== false)) {
$base_url = DI::baseUrl()->get();
$item['body'] = HTML::relToAbs($item['body'], $base_url);
$item['body'] = HTML::toBBCodeVideo($item['body']);
$item['body'] = OEmbed::HTML2BBCode($item['body']);
$config = HTMLPurifier_Config::createDefault();
$config->set('Cache.DefinitionImpl', null);
// we shouldn't need a whitelist, because the bbcode converter
// will strip out any unsupported tags.
$purifier = new HTMLPurifier($config);
$item['body'] = $purifier->purify($item['body']);
$item['body'] = @HTML::toBBCode($item['body']);
}
/// @todo We should check for a repeated post and if we know the repeated author. /// @todo We should check for a repeated post and if we know the repeated author.
// We don't need the content element since "dfrn:env" is always present // We don't need the content element since "dfrn:env" is always present