sanitize: disable referrer via referrerpolicy for img elements

[tt-rss.git] / include / functions.php

diff --git a/include/functions.php b/include/functions.php
index e1e63c2a36f097584fbaf95b8c876a069b7ea36e..60aebe0da7b1cb98c41d571b9bdbd08b4a3e1666 100644 (file)
--- a/include/functions.php
+++ b/include/functions.php
@@ -1585,6 +1585,7 @@
                        }
 
                        if ($entry->nodeName == 'img') {
+                               $entry->setAttribute('referrerpolicy', 'no-referrer');
 
                                if ($entry->hasAttribute('src')) {
                                        $is_https_url = parse_url($entry->getAttribute('src'), PHP_URL_SCHEME) === 'https';