if ($site_url) {
- if ($entry->hasAttribute('href'))
+ if ($entry->hasAttribute('href')) {
$entry->setAttribute('href',
rewrite_relative_url($site_url, $entry->getAttribute('href')));
+ $entry->setAttribute('rel', 'noreferrer');
+ }
+
if ($entry->hasAttribute('src')) {
$src = rewrite_relative_url($site_url, $entry->getAttribute('src'));
header("Content-Type: text/html");
$rv['content'] .= "<html><head>
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>
- <title>Tiny Tiny RSS - ".$line["title"]."</title>
- <link rel=\"stylesheet\" type=\"text/css\" href=\"css/tt-rss.css\">
+ <title>Tiny Tiny RSS - ".$line["title"]."</title>".
+ stylesheet_tag("css/tt-rss.css").
+ stylesheet_tag("css/zoom.css").
+ stylesheet_tag("css/dijit.css")."
+
<link rel=\"shortcut icon\" type=\"image/png\" href=\"images/favicon.png\">
<link rel=\"icon\" type=\"image/png\" sizes=\"72x72\" href=\"images/favicon-72px.png\">
if (db_num_rows($result) == 1) {
return db_fetch_result($result, 0, "access_key");
} else {
- $key = db_escape_string(uniqid());
+ $key = db_escape_string(uniqid(base_convert(rand(), 10, 36)));
$result = db_query("INSERT INTO ttrss_access_keys
(access_key, feed_id, is_cat, owner_uid)
function stylesheet_tag($filename) {
$timestamp = filemtime($filename);
- echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"$filename?$timestamp\"/>\n";
+ return "<link rel=\"stylesheet\" type=\"text/css\" href=\"$filename?$timestamp\"/>\n";
}
function javascript_tag($filename) {
if ($query) $timestamp .= "&$query";
- echo "<script type=\"text/javascript\" charset=\"utf-8\" src=\"$filename?$timestamp\"></script>\n";
+ return "<script type=\"text/javascript\" charset=\"utf-8\" src=\"$filename?$timestamp\"></script>\n";
}
function calculate_dep_timestamp() {