From: Andrew Dolgov <noreply@fakecake.org>
Date: Wed, 13 Dec 2017 17:07:10 +0000 (+0300)
Subject: sanitize: disable referrer via referrerpolicy for img elements
X-Git-Tag: 18.8~104
X-Git-Url: https://git.wh0rd.org/?p=tt-rss.git;a=commitdiff_plain;h=7651b6e2cd982f54c8a2d940ccf7582b53e08831

sanitize: disable referrer via referrerpolicy for img elements
---

diff --git a/include/functions.php b/include/functions.php
index e1e63c2a..60aebe0d 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -1585,6 +1585,7 @@
 			}
 
 			if ($entry->nodeName == 'img') {
+				$entry->setAttribute('referrerpolicy', 'no-referrer');
 
 				if ($entry->hasAttribute('src')) {
 					$is_https_url = parse_url($entry->getAttribute('src'), PHP_URL_SCHEME) === 'https';