sanitize: remove doctype properly, add experimental workaround against unnecessary html elements in sanitized data
This commit is contained in:
Andrew Dolgov
parent
ae3851b1b5
commit
f44d59992e
1 changed files with 14 additions and 2 deletions
|
|
@ -2891,7 +2891,7 @@
|
|||
}
|
||||
}
|
||||
|
||||
$doc->removeChild($doc->firstChild); //remove doctype
|
||||
$doc->removeChild($doc->doctype); //remove doctype
|
||||
$doc = strip_harmful_tags($doc, $allowed_elements, $disallowed_attributes);
|
||||
|
||||
if ($highlight_words) {
|
||||
|
|
@ -2924,7 +2924,19 @@
|
|||
}
|
||||
}
|
||||
|
||||
$res = $doc->saveHTML();
|
||||
$body = $doc->getElementsByTagName("body")->item(0);
|
||||
|
||||
if ($body) {
|
||||
$div = $doc->createElement("div");
|
||||
|
||||
foreach ($body->childNodes as $child) {
|
||||
$div->appendChild($child);
|
||||
}
|
||||
|
||||
$res = $doc->saveXML($div);
|
||||
} else {
|
||||
$res = $doc->saveHTML();
|
||||
}
|
||||
|
||||
return $res;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue