Issue with SimplePie Santize

  • ResolvedPlugin Author Workshopshed

    (@workshopshed)


    11 years, 11 months ago

    I’ve spotted an issue in the version of SimplePie that’s included in WordPress 3.5 in that the sanitizer is not getting set. The net result of this is that things like videos and objects are unintentionally stripped out of the content. There is also a change of syntax in that the “set_xxx_class” is depreciated in the this version of SimplePie.

    In the function import_blog($blogID) you will find the code that sets these classes.

    $feed = new SimplePie();
$feed->set_item_class('WP_SimplePie_Blog_Item');
$feed->set_sanitize_class('Blogger_Importer_Sanitize');
$feed->set_raw_data($response);
$feed->init();

    Replace this with:

    $feed = new SimplePie();
$reg = $feed->get_registry();
$reg->register('Sanitize','Blogger_Importer_Sanitize');
$reg->register('Item','WP_SimplePie_Blog_Item');
$feed->sanitize = $reg->create('Sanitize');
$feed->set_raw_data($response);
$feed->init();

    If you actually want the unitentionally behaviour or want to be even more agressive in filtering out the data you can add iframe and object to the list at the top of blogger-importer-sanitize.php

    https://www.ads-software.com/extend/plugins/blogger-importer/

Viewing 4 replies - 1 through 4 (of 4 total)

  • Maybe you can help me. I’m importing a blog from Blogger, the importer keeps stripping the embedded Youtube and Soundcloud.
    Is there something I can change in the SimplePie code that will allow this content to be imported.
    If so, could you tell me what to do? (I’m no expert with code)
    Thanks.

    Plugin Author Workshopshed

    (@workshopshed)

    I’m not aware of how Soundcloud does it’s embedded files but the Youtube ones should not be stripped out in the latest beta version.

    Soundcloud uses iframes, so i imagine whatever works for Youtube should work for SC too. How would I go about getting the beta version? I have the standard Blogger importer plugin, and there is no option to update…
    Would I replace the blogger-importer-sanitize.php file with that beta version?
    Thanks

    Plugin Author Workshopshed

    (@workshopshed)

    It’s over here.

    https://core.trac.www.ads-software.com/attachment/ticket/4010/blogger-importer.zip

    Unfortunately I don’t have permissions to add it to SVN, it would be nice to put it in a branch

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Issue with SimplePie Santize’ is closed to new replies.

Tags