X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fxrd.php;h=4b9b0ee8fb4e1931848b799cb07d5a86ec6b2dc7;hb=4894e89f036be1f8a82523ac69d56ae36e7685df;hp=1d29d7904a9d5705e77deac205f0dbfc0fdb2cde;hpb=14e7686df4250169de91c4db2912b1934cc4800f;p=friendica.git

diff --git a/mod/xrd.php b/mod/xrd.php
index 1d29d7904a..4b9b0ee8fb 100644
--- a/mod/xrd.php
+++ b/mod/xrd.php
@@ -5,9 +5,11 @@
 
 use Friendica\App;
 use Friendica\Core\Addon;
+use Friendica\Core\Renderer;
 use Friendica\Core\System;
 use Friendica\Database\DBA;
 use Friendica\Protocol\Salmon;
+use Friendica\Util\Strings;
 
 function xrd_init(App $a)
 {
@@ -16,7 +18,7 @@ function xrd_init(App $a)
 			System::httpExit(404);
 		}
 
-		$uri = urldecode(notags(trim($_GET['uri'])));
+		$uri = urldecode(Strings::escapeTags(trim($_GET['uri'])));
 		if (defaults($_SERVER, 'HTTP_ACCEPT', '') == 'application/jrd+json') {
 			$mode = 'json';
 		} else {
@@ -27,7 +29,7 @@ function xrd_init(App $a)
 			System::httpExit(404);
 		}
 
-		$uri = urldecode(notags(trim($_GET['resource'])));
+		$uri = urldecode(Strings::escapeTags(trim($_GET['resource'])));
 		if (defaults($_SERVER, 'HTTP_ACCEPT', '') == 'application/xrd+xml') {
 			$mode = 'xml';
 		} else {
@@ -105,9 +107,9 @@ function xrd_xml($a, $uri, $alias, $profile_url, $r)
 	header('Access-Control-Allow-Origin: *');
 	header("Content-type: text/xml");
 
-	$tpl = get_markup_template('xrd_person.tpl');
+	$tpl = Renderer::getMarkupTemplate('xrd_person.tpl');
 
-	$o = replace_macros($tpl, [
+	$o = Renderer::replaceMacros($tpl, [
 		'$nick'        => $r['nickname'],
 		'$accturi'     => $uri,
 		'$alias'       => $alias,