1 files changed, 21 insertions, 11 deletions

diff --git a/plugins/OStatus/lib/xrd.php b/plugins/OStatus/lib/xrd.php
index 16d27f8eb..aa13ef024 100644
--- a/plugins/OStatus/lib/xrd.php
+++ b/plugins/OStatus/lib/xrd.php
@@ -53,17 +53,25 @@ class XRD
         $xrd = new XRD();
 
         $dom = new DOMDocument();
-        $dom->loadXML($xml);
+        if (!$dom->loadXML($xml)) {
+            throw new Exception("Invalid XML");
+        }
         $xrd_element = $dom->getElementsByTagName('XRD')->item(0);
+        if (!$xrd_element) {
+            throw new Exception("Invalid XML, missing XRD root");
+        }
 
         // Check for host-meta host
-        $host = $xrd_element->getElementsByTagName('Host')->item(0)->nodeValue;
+        $host = $xrd_element->getElementsByTagName('Host')->item(0);
         if ($host) {
-            $xrd->host = $host;
+            $xrd->host = $host->nodeValue;
         }
 
         // Loop through other elements
         foreach ($xrd_element->childNodes as $node) {
+            if (!($node instanceof DOMElement)) {
+                continue;
+            }
             switch ($node->tagName) {
             case 'Expires':
                 $xrd->expires = $node->nodeValue;
@@ -144,9 +152,11 @@ class XRD
         $link['href'] = $element->getAttribute('href');
         $link['template'] = $element->getAttribute('template');
         foreach ($element->childNodes as $node) {
-            switch($node->tagName) {
-            case 'Title':
-                $link['title'][] = $node->nodeValue;
+            if ($node instanceof DOMElement) {
+                switch($node->tagName) {
+                case 'Title':
+                    $link['title'][] = $node->nodeValue;
+                }
             }
         }
 
@@ -156,20 +166,20 @@ class XRD
     function saveLink($doc, $link)
     {
         $link_element = $doc->createElement('Link');
-        if ($link['rel']) {
+        if (!empty($link['rel'])) {
             $link_element->setAttribute('rel', $link['rel']);
         }
-        if ($link['type']) {
+        if (!empty($link['type'])) {
             $link_element->setAttribute('type', $link['type']);
         }
-        if ($link['href']) {
+        if (!empty($link['href'])) {
             $link_element->setAttribute('href', $link['href']);
         }
-        if ($link['template']) {
+        if (!empty($link['template'])) {
             $link_element->setAttribute('template', $link['template']);
         }
 
-        if (is_array($link['title'])) {
+        if (!empty($link['title']) && is_array($link['title'])) {
             foreach($link['title'] as $title) {
                 $title = $doc->createElement('Title', $title);
                 $link_element->appendChild($title);