sanitize: disallow width and height attributes for images
This commit is contained in:
parent
2eaf2a1f36
commit
8babb8e75a
1 changed files with 3 additions and 0 deletions
|
@ -1587,6 +1587,9 @@
|
||||||
if ($entry->nodeName == 'img') {
|
if ($entry->nodeName == 'img') {
|
||||||
$entry->setAttribute('referrerpolicy', 'no-referrer');
|
$entry->setAttribute('referrerpolicy', 'no-referrer');
|
||||||
|
|
||||||
|
$entry->removeAttribute('width');
|
||||||
|
$entry->removeAttribute('height');
|
||||||
|
|
||||||
if ($entry->hasAttribute('src')) {
|
if ($entry->hasAttribute('src')) {
|
||||||
$is_https_url = parse_url($entry->getAttribute('src'), PHP_URL_SCHEME) === 'https';
|
$is_https_url = parse_url($entry->getAttribute('src'), PHP_URL_SCHEME) === 'https';
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue