Context Navigation

update-headers.php

Timestamp:

02/07/2024 05:58:19 AM (23 months ago)

Author:

dd32

Message:

Trac: Escape HTML within script tags, as DOMDocument doesn't like it. Remove CDATA entirely, I don't think it's needed.

File:

-                      r12855
+                      r13181
 function domdocument_from_url( $url ) {
     $html = file_get_contents( $url );
+    /*
+     * Escape HTML within Javascript strings.
+     * DomDocument doesn't handle HTML tags within Javascript strings.
+     * See https://stackoverflow.com/questions/40703313/php-domdocument-errors-while-parsing-unescaped-strings
+     */
+    $html = preg_replace_callback(
+        '!<script([^>]+)>(.*?)</script>!ism',
+        function( $m ) {
+            $escaped = $m[2];
+            $escaped = str_replace( array( '<', '>' ), array( '\x3C',  '\x3E' ), $escaped );
+            return "<script{$m[1]}>{$escaped}</script>";
+        },
+        $html
+    );
     $doc = new DOMDocument();
 …
     $html = preg_replace( '#<style([^>]*)><!\[CDATA\[(.+?)\]\]></style>#ism', "<style$1>$2</style>", $html );
     // Escape CDATA tags in <script>
     $html = preg_replace( '#<script([^>]*)><!\[CDATA\[(.+?)\]\]></script>#ism', "<script$1>//<![CDATA[\n$2\n//]]></script>", $html );
+    // Remove CDATA tags in <script>
+    $html = preg_replace( '#<script([^>]*)><!\[CDATA\[(.+?)\]\]></script>#ism', "<script$1>$2</script>", $html );
     // Remove trailing whitespace.

Note: See TracChangeset for help on using the changeset viewer.