Strip script and style tags through ::clean() method instead of preg_replace

Huge tags can lead to a failure of preg_replace, thus erasing the whole fetched content. Fixes https://github.com/wallabag/wallabag/issues/5847 Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
4 years ago · 651e8a6bb0
parent c506b7ebd7
commit 651e8a6bb0
1 changed files with 3 additions and 4 deletions
--- a/src/Readability.php
+++ b/src/Readability.php
@ -137,10 +137,6 @@ class Readability implements LoggerAwareInterface
    protected $useTidy;
    // raw HTML filters
    protected $pre_filters = [
-        // remove obvious scripts
-        '!<script[^>]*>(.*?)</script>!is' => '',
-        // remove obvious styles
-        '!<style[^>]*>(.*?)</style>!is' => '',
        // remove spans as we redefine styles and they're probably special-styled
        '!</?span[^>]*>!is' => '',
        // HACK: firewall-filtered content
@ -397,6 +393,9 @@ class Readability implements LoggerAwareInterface

        $this->logger->debug($this->lightClean ? 'Light clean enabled.' : 'Standard clean enabled.');

+        $this->clean($articleContent, 'style');
+        $this->clean($articleContent, 'script');
+
        $this->cleanStyles($articleContent);
        $this->killBreaks($articleContent);