sanitize: force strip unnecessary data outside of <body>...</body> tags generated by DOMDocument::saveHTML()
This commit is contained in:
Andrew Dolgov
parent
977cea1438
commit
42f78188d0
1 changed files with 8 additions and 1 deletions
|
|
@ -1034,7 +1034,14 @@
|
||||||
|
|
||||||
$res = $doc->saveHTML();
|
$res = $doc->saveHTML();
|
||||||
|
|
||||||
return $res;
|
/* strip everything outside of <body>...</body> */
|
||||||
|
|
||||||
|
$res_frag = array();
|
||||||
|
if (preg_match('/<body>(.*)<\/body>/is', $res, $res_frag)) {
|
||||||
|
return $res_frag[1];
|
||||||
|
} else {
|
||||||
|
return $res;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function strip_harmful_tags($doc, $allowed_elements, $disallowed_attributes) {
|
function strip_harmful_tags($doc, $allowed_elements, $disallowed_attributes) {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue