some more sanitize_rss fixes

diff --git a/functions.php b/functions.php
index e5f06da371b4e82e951438ed8ad16aed696260e1..bc46b7c6421a956d2ca3b9a9336c0b4df54c7b83 100644 (file)
--- a/functions.php
+++ b/functions.php
@@ -2441,20 +2441,18 @@
        }
 
        function sanitize_rss($str) {
-               $res = "";
+               $res = $str;
 
                $res = preg_replace('/<script.*?>/i', 
-                                       "<p class=\"scriptWarn\">", $str);
+                       "<p class=\"scriptWarn\">Disabled script: ", $res);
 
-               $res = preg_replace('/<\/script>/i', 
-                       "</p>", $res);
+               $res = preg_replace('/<\/script.*?>/i', "</p>", $res);
+
+               $res = preg_replace('/<embed.*?>/i', "", $res);
 
                $res = preg_replace('/<object.*?>.*?<\/object>/i', 
                        "<p class=\"objectWarn\">(Disabled html object 
-                       - flash or other embedded content)</p>", $str);
-
-               $res = preg_replace('/<\/object>/i', 
-                       "</p>", $res);
+                       - flash or other embedded content)</p>", $res); 
 
                return $res;
        }

diff --git a/tt-rss.css b/tt-rss.css
index a8136cb1bad33381871a945af61a21f00ae7a1a7..337797e735563da9ca168ffad74ef361ec153e8a 100644 (file)
--- a/tt-rss.css
+++ b/tt-rss.css
@@ -1160,9 +1160,9 @@ span.debugTS {
        display : none;
 }
 
-.scriptWarn:before {
+/*.scriptWarn:before {
        content : "Disabled script:";
-}
+}*/
 
 .scriptWarn {
        color : white;