diff options
| author | Steven Wittens <steven@10.no-reply.drupal.org> | 2006-03-01 21:30:17 +0000 |
|---|---|---|
| committer | Steven Wittens <steven@10.no-reply.drupal.org> | 2006-03-01 21:30:17 +0000 |
| commit | 9a014043a467e9710d93c66580b33f374e2f4223 (patch) | |
| tree | 1001c9e18a7990bdcd00a451ee985411a6d6b7be /includes | |
| parent | 514b12c427156f34404d86de887960930ac48451 (diff) | |
| download | brdo-9a014043a467e9710d93c66580b33f374e2f4223.tar.gz brdo-9a014043a467e9710d93c66580b33f374e2f4223.tar.bz2 | |
- #50747: RSS channel description is not according to spec
Diffstat (limited to 'includes')
| -rw-r--r-- | includes/common.inc | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/includes/common.inc b/includes/common.inc index 9b9f8b76c..00d1ca0e5 100644 --- a/includes/common.inc +++ b/includes/common.inc @@ -659,7 +659,11 @@ function format_rss_channel($title, $link, $description, $items, $language = 'en $output = "<channel>\n"; $output .= ' <title>'. check_plain($title) ."</title>\n"; $output .= ' <link>'. check_url($link) ."</link>\n"; - $output .= ' <description>'. check_plain($description) ."</description>\n"; + + // The RSS 2.0 "spec" doesn't indicate HTML can be used in the description. + // We strip all HTML tags, but need to prevent double encoding from properly + // escaped source data (such as & becoming &amp;). + $output .= ' <description>'. check_plain(decode_entities(strip_tags($description))) ."</description>\n"; $output .= ' <language>'. check_plain($language) ."</language>\n"; foreach ($args as $key => $value) { $output .= ' <'. $key .'>'. check_plain($value) ."</$key>\n"; @@ -1339,4 +1343,4 @@ function page_set_cache() { } } } -}
\ No newline at end of file +} |