Skip to content

Commit

Permalink
HTML entity decode for setHTML
Browse files Browse the repository at this point in the history
  • Loading branch information
@Elleuch-x1 @freekmurze
Elleuch-x1 authored and freekmurze committed Feb 10, 2025
1 parent 73a93f8 commit ecef587
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion src/Browsershot.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -306,10 +306,12 @@ public function setProxyServer(string $proxyServer): static

public function setHtml(string $html): static
{
$decHtml = html_entity_decode($html, ENT_QUOTES | ENT_HTML5);
foreach ($this->unsafeProtocols as $protocol) {
if (str_contains(strtolower($html), $protocol)) {
if (str_contains(strtolower($html), $protocol) || str_contains(strtolower($decHtml), $protocol) ) {
throw HtmlIsNotAllowedToContainFile::make();
}

}

$this->html = $html;
Expand Down

0 comments on commit ecef587

Please sign in to comment.