You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shindig.apache.org by ch...@apache.org on 2009/02/24 01:33:39 UTC

svn commit: r747237 - /incubator/shindig/trunk/php/src/gadgets/rewrite/SanitizeRewriter.php

Author: chabotc
Date: Tue Feb 24 00:33:39 2009
New Revision: 747237

URL: http://svn.apache.org/viewvc?rev=747237&view=rev
Log:
Filled in a very basic content sanitizer that removes any script from the content

Modified:
    incubator/shindig/trunk/php/src/gadgets/rewrite/SanitizeRewriter.php

Modified: incubator/shindig/trunk/php/src/gadgets/rewrite/SanitizeRewriter.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/rewrite/SanitizeRewriter.php?rev=747237&r1=747236&r2=747237&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/rewrite/SanitizeRewriter.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/rewrite/SanitizeRewriter.php Tue Feb 24 00:33:39 2009
@@ -39,7 +39,18 @@
     }
   }
 
-  public function rewriteScript(DOMElement $node) {
-    //TODO: remove it
+  /**
+   * This is a proof of concept / semi dummy content sanitizer
+   * that removes any javascript from the content block
+   *
+   * @param DOMElement $node
+   */
+  public function rewriteScript(DOMElement &$node) {
+    if (!empty($node->nodeValue)) {
+      $node->nodeValue = '';
+    }
+    if ($node->getAttribute('src') != null) {
+      $node->setAttribute('src', '');
+    }
   }
 }
\ No newline at end of file