]> git.mxchange.org Git - quix0rs-gnu-social.git/commitdiff
projects / quix0rs-gnu-social.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw (from parent 1: dd93420)
Merge remote-tracking branch 'upstream/master' into social-master
authorRoland Haeder <roland@mxchange.org>
Sat, 30 Jan 2016 12:38:52 +0000 (13:38 +0100)
committerRoland Haeder <roland@mxchange.org>
Sat, 30 Jan 2016 12:38:52 +0000 (13:38 +0100)
classes/Notice.php patch | blob | history

diff --git a/classes/Notice.php b/classes/Notice.php
index 2d3ed9942a4950c253c49829c9097d602f4cb57d..e8c88f36452f67065e898a6def19930d590cd7d1 100644 (file)
--- a/classes/Notice.php
+++ b/classes/Notice.php
@@ -823,13 +823,12 @@ class Notice extends Managed_DataObject
         $stored->url = $url;
         $stored->verb = $act->verb;
 
-        // Notice content. We trust local users to provide HTML we like, but of course not remote users.
-        // FIXME: What about local users importing feeds? Mirror functions must filter out bad HTML first...
         $content = $act->content ?: $act->summary;
         if (is_null($content) && !is_null($actobj)) {
             $content = $actobj->content ?: $actobj->summary;
         }
-        $stored->rendered = $actor->isLocal() ? $content : common_purify($content);
+        // Strip out any bad HTML
+        $stored->rendered = common_purify($content);
         // yeah, just don't use getRendered() here since it's not inserted yet ;)
         $stored->content = common_strip_html($stored->rendered);
 
This is my personal clone from the wonderful software GNUSocial. I may fix or break things here, so use it on your own risk. :-)