From: Andrew Dolgov <noreply@fakecake.org>
Date: Fri, 29 Apr 2016 18:59:34 +0000 (+0300)
Subject: sanitize: force strip unnecessary data outside of <body>...</body> tags generated... 
X-Git-Tag: 16.8~31
X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=42f78188d010458d140ab1305c056e9c9c755e92;p=tt-rss.git

sanitize: force strip unnecessary data outside of <body>...</body> tags generated by DOMDocument::saveHTML()
---

diff --git a/include/functions2.php b/include/functions2.php
index 1c2ffb93..0a4f4309 100644
--- a/include/functions2.php
+++ b/include/functions2.php
@@ -1034,7 +1034,14 @@
 
 		$res = $doc->saveHTML();
 
-		return $res;
+		/* strip everything outside of <body>...</body> */
+
+		$res_frag = array();
+		if (preg_match('/<body>(.*)<\/body>/is', $res, $res_frag)) {
+			return $res_frag[1];
+		} else {
+			return $res;
+		}
 	}
 
 	function strip_harmful_tags($doc, $allowed_elements, $disallowed_attributes) {