if (mb_strlen($content)===0 && !is_null($actobj)) {
$content = mb_strlen($actobj->content) ? $actobj->content : $actobj->summary;
}
- // Strip out any bad HTML from $content
- $stored->rendered = common_purify($content);
+ // Strip out any bad HTML from $content. URI.Base is used to sort out relative URLs.
+ $stored->rendered = common_purify($content, ['URI.Base' => $stored->url ?: null]);
$stored->content = common_strip_html($stored->getRendered(), true, true);
if (trim($stored->content) === '') {
// TRANS: Error message when the plain text content of a notice has zero length.
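Review bot: `$stored->url ?: null` hands `common_purify()` a null `URI.Base` whenever the notice has no URL, but the guard added in `common_purify()` is `isset($args['URI.Base'])`, which is false for null, so that call skips the new block entirely. Inside the block `!is_null($args['URI.Base'])` is therefore always true, and the comment `// if null this is like unsetting it I presume` describes a path that cannot run. Either pass the option only when there is a URL, `common_purify($content, $stored->url ? ['URI.Base' => $stored->url] : [])`, or simplify the callee to `$cfg->set('URI.MakeAbsolute', true);` and drop the comment. The enclosing function starts and ends outside this hunk.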
return $email;
}
-function common_purify($html)
+function common_purify($html, array $args=array())
{
require_once INSTALLDIR.'/extlib/HTMLPurifier/HTMLPurifier.auto.php';
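Review bot: The new `array $args` parameter has no docblock, and from the later hunk it appears that only the `URI.Base` key is read, so any other key a caller passes is silently ignored. I would add a docblock above the function, for example `@param array $args Optional purifier settings; only 'URI.Base' (absolute URL used to resolve relative links) is honoured`. It should also say that the value becomes the base for every relative link in the purified HTML, so callers should pass a URL they have already validated as absolute and of an allowed scheme. As a style point, the signature uses `array()` while the call site added in this commit uses `[]`; `array $args = []` would match. The function body continues outside this hunk.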
$cfg->set('Attr.AllowedRel', ['bookmark', 'directory', 'enclosure', 'home', 'license', 'nofollow', 'payment', 'tag']); // http://microformats.org/wiki/rel
$cfg->set('HTML.ForbiddenAttributes', array('style')); // id, on* etc. are already filtered by default
$cfg->set('URI.AllowedSchemes', array_fill_keys(common_url_schemes(), true));
+ if (isset($args['URI.Base'])) {
+ $cfg->set('URI.Base', $args['URI.Base']); // if null this is like unsetting it I presume
+ $cfg->set('URI.MakeAbsolute', !is_null($args['URI.Base'])); // if we have a URI base, convert relative URLs to absolute ones.
+ }
// Remove more elements than what the default filter removes, default in GNU social are remotely
// linked resources such as img, video, audio