You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by ch...@apache.org on 2009/02/24 01:33:39 UTC
svn commit: r747237 -
/incubator/shindig/trunk/php/src/gadgets/rewrite/SanitizeRewriter.php
Author: chabotc
Date: Tue Feb 24 00:33:39 2009
New Revision: 747237
URL: http://svn.apache.org/viewvc?rev=747237&view=rev
Log:
Filled in a very basic content sanitizer that removes any script from the content
Modified:
incubator/shindig/trunk/php/src/gadgets/rewrite/SanitizeRewriter.php
Modified: incubator/shindig/trunk/php/src/gadgets/rewrite/SanitizeRewriter.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/rewrite/SanitizeRewriter.php?rev=747237&r1=747236&r2=747237&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/rewrite/SanitizeRewriter.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/rewrite/SanitizeRewriter.php Tue Feb 24 00:33:39 2009
@@ -39,7 +39,18 @@
}
}
- public function rewriteScript(DOMElement $node) {
- //TODO: remove it
+ /**
+ * This is a proof of concept / semi dummy content sanitizer
+ * that removes any javascript from the content block
+ *
+ * @param DOMElement $node
+ */
+ public function rewriteScript(DOMElement &$node) {
+ if (!empty($node->nodeValue)) {
+ $node->nodeValue = '';
+ }
+ if ($node->getAttribute('src') != null) {
+ $node->setAttribute('src', '');
+ }
}
}
\ No newline at end of file