diff options
| author | Laria Carolin Chabowski <laria@laria.me> | 2020-09-25 22:19:37 +0200 |
|---|---|---|
| committer | Laria Carolin Chabowski <laria@laria.me> | 2020-09-25 22:19:37 +0200 |
| commit | 3de03d4f83817e59c1be4bc361fee8eca781789b (patch) | |
| tree | a12de586570159af2e9160f41473ae46e18125ae /ratatoeskr | |
| parent | 5db841cbaafe2d4f4bfe9009f5ecca996f21b4d3 (diff) | |
| download | ratatoeskr-cms-3de03d4f83817e59c1be4bc361fee8eca781789b.tar.gz ratatoeskr-cms-3de03d4f83817e59c1be4bc361fee8eca781789b.tar.bz2 ratatoeskr-cms-3de03d4f83817e59c1be4bc361fee8eca781789b.zip | |
Replace kses with HTMLPurifier
This gets rid of our last non-compüoser dependency! :)
Diffstat (limited to 'ratatoeskr')
| -rw-r--r-- | ratatoeskr/frontend.php | 1 | ||||
| -rw-r--r-- | ratatoeskr/libs/INFO | 7 | ||||
| -rw-r--r-- | ratatoeskr/sys/models.php | 8 |
3 files changed, 5 insertions, 11 deletions
diff --git a/ratatoeskr/frontend.php b/ratatoeskr/frontend.php index 6484796..f49e61e 100644 --- a/ratatoeskr/frontend.php +++ b/ratatoeskr/frontend.php @@ -17,7 +17,6 @@ require_once(dirname(__FILE__) . "/sys/utils.php"); require_once(dirname(__FILE__) . "/languages.php"); require_once(dirname(__FILE__) . "/sys/models.php"); require_once(dirname(__FILE__) . "/sys/textprocessors.php"); -require_once(dirname(__FILE__) . "/libs/kses.php"); /** @var ste\STECore $ste */ assert(isset($ste)); diff --git a/ratatoeskr/libs/INFO b/ratatoeskr/libs/INFO deleted file mode 100644 index e821828..0000000 --- a/ratatoeskr/libs/INFO +++ /dev/null @@ -1,7 +0,0 @@ -This directory will hold some libraries Ratatöskr needs. - -1. kses - - Place "kses.php" from the archive directly into this directory. - - kses can be found at <http://sourceforge.net/projects/kses/> diff --git a/ratatoeskr/sys/models.php b/ratatoeskr/sys/models.php index caf14ad..b820e6f 100644 --- a/ratatoeskr/sys/models.php +++ b/ratatoeskr/sys/models.php @@ -14,7 +14,6 @@ use r7r\cms\sys\Env; require_once(dirname(__FILE__) . "/db.php"); require_once(dirname(__FILE__) . "/utils.php"); -require_once(dirname(__FILE__) . "/../libs/kses.php"); require_once(dirname(__FILE__) . "/textprocessors.php"); require_once(dirname(__FILE__) . "/pluginpackage.php"); @@ -1207,7 +1206,7 @@ class Comment extends BySQLRowEnabled /** * Creates the HTML representation of a comment text. It applies the page's comment textprocessor on it - * and filters some potentially harmful tags using kses. + * and filters some potentially harmful tags using HTMLPurifier. * * @param string $text Text to HTMLize. * @return string HTML code. @@ -1218,7 +1217,10 @@ class Comment extends BySQLRowEnabled $textprocessors = $textprocessors ?? Env::getGlobal()->textprocessors(); - return kses($textprocessors->mustApply($text, $ratatoeskr_settings["comment_textprocessor"]), [ + $purifierConfig = HTMLPurifier_Config::createDefault(); + $purifier = new HTMLPurifier($purifierConfig); + + return $purifier->purify($textprocessors->mustApply($text, $ratatoeskr_settings["comment_textprocessor"]), [ "a" => ["href" => 1, "hreflang" => 1, "title" => 1, "rel" => 1, "rev" => 1], "b" => [], "i" => [], |