From 9a014043a467e9710d93c66580b33f374e2f4223 Mon Sep 17 00:00:00 2001
From: Steven Wittens <steven@10.no-reply.drupal.org>
Date: Wed, 1 Mar 2006 21:30:17 +0000
Subject: - #50747: RSS channel description is not according to spec

---
 includes/common.inc | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'includes')

diff --git a/includes/common.inc b/includes/common.inc
index 9b9f8b76c..00d1ca0e5 100644
--- a/includes/common.inc
+++ b/includes/common.inc
@@ -659,7 +659,11 @@ function format_rss_channel($title, $link, $description, $items, $language = 'en
   $output = "<channel>\n";
   $output .= ' <title>'. check_plain($title) ."</title>\n";
   $output .= ' <link>'. check_url($link) ."</link>\n";
-  $output .= ' <description>'. check_plain($description) ."</description>\n";
+
+  // The RSS 2.0 "spec" doesn't indicate HTML can be used in the description.
+  // We strip all HTML tags, but need to prevent double encoding from properly
+  // escaped source data (such as &amp becoming &amp;amp;).
+  $output .= ' <description>'. check_plain(decode_entities(strip_tags($description))) ."</description>\n";
   $output .= ' <language>'. check_plain($language) ."</language>\n";
   foreach ($args as $key => $value) {
     $output .= ' <'. $key .'>'. check_plain($value) ."</$key>\n";
@@ -1339,4 +1343,4 @@ function page_set_cache() {
       }
     }
   }
-}
\ No newline at end of file
+}
-- 
cgit v1.2.3