]> git.wh0rd.org - tt-rss.git/blobdiff - include/functions.php
git.wh0rd.org / tt-rss.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
htmLawed: tweak allowed attributes
[tt-rss.git] / include / functions.php
diff --git a/include/functions.php b/include/functions.php
index 01ec33187c608437ecd38ba88bc7ea3996d591f5..35fcbc45a284bbfa2065fb1f5a2ebe54ecdfc9d3 100644 (file)
--- a/include/functions.php
+++ b/include/functions.php
@@ -2593,7 +2593,7 @@
 
                $res = trim($str); if (!$res) return '';
 
-               $config = array('safe' => 1, 'deny_attribute' => 'style', 'comment' => 1, 'cdata' => 1);
+               $config = array('safe' => 1, 'deny_attribute' => 'style, width, height', 'comment' => 1, 'cdata' => 1);
                $res = htmLawed($res, $config);
 
                if (get_pref($link, "STRIP_IMAGES", $owner)) {
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/