From 5b0d3257337c0296eba66537b87c9143d89a160f Mon Sep 17 00:00:00 2001 From: wn_ Date: Tue, 17 Jun 2025 17:59:10 +0000 Subject: Escape error content displayed when subscribing fails (as it might contain HTML). --- classes/Feeds.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'classes') diff --git a/classes/Feeds.php b/classes/Feeds.php index 242801891..a58c42e34 100644 --- a/classes/Feeds.php +++ b/classes/Feeds.php @@ -1035,7 +1035,7 @@ class Feeds extends Handler_Protected { UrlHelper::$fetch_last_error .= " (feed behind Cloudflare)"; } - return array("code" => 5, "message" => UrlHelper::$fetch_last_error); + return array("code" => 5, "message" => truncate_string(UrlHelper::$fetch_last_error, 1000, '…')); } if (str_contains(UrlHelper::$fetch_last_content_type, "html") && self::_is_html($contents)) { -- cgit v1.2.3-54-g00ecf