mirror of
https://github.com/wallabag/wallabag.git
synced 2025-09-15 18:57:05 +00:00
[fix] content is now cleaned by HTML purifier from prevent XSS attack
This commit is contained in:
Nicolas Lœuillet
parent
d4949327ef
commit
1570a65381
2 changed files with 8 additions and 0 deletions
|
|
@ -29,6 +29,8 @@ require_once INCLUDES . '/3rdparty/libraries/feedwriter/FeedItem.php';
|
|||
require_once INCLUDES . '/3rdparty/libraries/feedwriter/FeedWriter.php';
|
||||
require_once INCLUDES . '/3rdparty/FlattrItem.class.php';
|
||||
|
||||
require_once INCLUDES . '/3rdparty/htmlpurifier/HTMLPurifier.auto.php';
|
||||
|
||||
# Composer its autoloader for automatically loading Twig
|
||||
if (! file_exists(ROOT . '/vendor/autoload.php')) {
|
||||
Poche::$canRenderTemplates = false;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue