From: Brion Vibber Date: Thu, 18 Mar 2010 00:35:27 +0000 (-0700) Subject: Ticket #2244: fix to interpretation of escaped HTML and plaintext Atom content on... X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=55a54d6f6a98e02e204a59ebb7e6f9ea9d99ab5b;p=quix0rs-gnu-social.git Ticket #2244: fix to interpretation of escaped HTML and plaintext Atom content on incoming OStatus messages. We were double-unescaping for , turning <b> escaped chars into literal tags (which then may get removed entirely by the HTML scrubber). --- diff --git a/lib/activity.php b/lib/activity.php index d84eabf7c4..d7e13052d4 100644 --- a/lib/activity.php +++ b/lib/activity.php @@ -458,11 +458,14 @@ class ActivityUtils // slavishly following http://atompub.org/rfc4287.html#rfc.section.4.1.3.3 if (empty($type) || $type == 'text') { - return $contentEl->textContent; + // Plain text source -- let's turn it into HTML! + return htmlspecialchars($contentEl->textContent); } else if ($type == 'html') { - $text = $contentEl->textContent; - return htmlspecialchars_decode($text, ENT_QUOTES); + // The XML text decoding gives us an HTML string ready to roll. + return $contentEl->textContent, ENT_QUOTES; } else if ($type == 'xhtml') { + // Embedded XHTML; we have to pull it out of the document tree, + // then serialize it back out to an HTML fragment string. $divEl = ActivityUtils::child($contentEl, 'div', 'http://www.w3.org/1999/xhtml'); if (empty($divEl)) { return null;