Strip script and style tags through ::clean() method instead of preg_replace

Huge tags can lead to a failure of preg_replace, thus erasing the whole fetched content. Fixes https://github.com/wallabag/wallabag/issues/5847 Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
4 years ago · 6689f19956
parent 0c0653dad6
commit 6689f19956
1 changed files with 3 additions and 4 deletions
--- a/src/Readability.php
+++ b/src/Readability.php
@ -108,10 +108,6 @@ class Readability implements LoggerAwareInterface
    protected $useTidy;
    // raw HTML filters
    protected $pre_filters = [
-        // remove obvious scripts
-        '!<script[^>]*>(.*?)</script>!is' => '',
-        // remove obvious styles
-        '!<style[^>]*>(.*?)</style>!is' => '',
        // remove spans as we redefine styles and they're probably special-styled
        '!</?span[^>]*>!is' => '',
        // HACK: firewall-filtered content
@ -366,6 +362,9 @@ class Readability implements LoggerAwareInterface

        $this->logger->debug($this->lightClean ? 'Light clean enabled.' : 'Standard clean enabled.');

+        $this->clean($articleContent, 'style');
+        $this->clean($articleContent, 'script');
+
        $this->cleanStyles($articleContent);
        $this->killBreaks($articleContent);