diff options
| author | Zach Copley <zach@status.net> | 2010-05-06 00:55:17 -0700 |
|---|---|---|
| committer | Zach Copley <zach@status.net> | 2010-05-18 15:15:52 -0700 |
| commit | 0dfef88cacde19cf0afaefbd422a7f5230091064 (patch) | |
| tree | 6976bc3cac8e4ccfaa0f11d034bb6f21aaa9de00 /lib/apiaction.php | |
| parent | 68634f04969d2d7bcbd1d657c466090990dea501 (diff) | |
HTML entity encode source link URLs in plain XML output and add rel="nofollow" to them
Diffstat (limited to 'lib/apiaction.php')
| -rw-r--r-- | lib/apiaction.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/apiaction.php b/lib/apiaction.php index 7a6a5549b..f3efff402 100644 --- a/lib/apiaction.php +++ b/lib/apiaction.php @@ -266,13 +266,13 @@ class ApiAction extends Action $ns = $notice->getSource(); if ($ns) { if (!empty($ns->name) && !empty($ns->url)) { - $source = '<a href="' . $ns->url . '">' . $ns->name . '</a>'; + $source = '<a href="' . $ns->url . '" rel="nofollow">' . $ns->name . '</a>'; } else { $source = $ns->code; } } - $twitter_status['source'] = $source; + $twitter_status['source'] = htmlentities($source); $twitter_status['id'] = intval($notice->id); $replier_profile = null; |