Karl (supersat) wrote in lj_dev,
Karl
supersat
lj_dev

LJ::strip_bad_code cleanup

This patch revises LJ::strip_bad_code so all it does is call LJ::CleanHTML::clean instead of duplicating much of the latter's code. LJ::strip_bad_code will also now filter out IFRAMEs, which can be used to sneak annoying JavaScript scripts onto a journal. LJ::CleanHTML::clean also has a modification to allow half-broken comments through if $keepcomments is defined. This lets CSS definitions on journals through. This patch is tested.

Get the patch here.
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 3 comments