Sarven Capadisli wrote:
On Sun, 2009-07-26 at 00:58 -0400, Craig Andrews wrote:
If we return the content-type as "text/html" instead of "application/xml"
or "application/xhtml+xml" webkit works fine, as laconica is now writing
valid markup to the DOM.
We could use the HTML_Safe PEAR library or Tidy to clean up what we get
and set the response mimetype to text/xml. Zach actually tested this,
but, I can't recall what was the final status.
HTML_Safe does a pretty good job of converting everything to XHTML. The
trouble is it strips out "potentially dangerous content," including
elements oohembed.com returns for YouTube, Vimeo, and other video sites
-- namely: 'embed' and 'object'.
Maybe we can hack in an element whitelist. We really should be
filtering the HTML we're getting from these oembed sites. Any
suggestions for other good ways to do that?
Zach
--
Zach Copley <[email protected]>
Control Yourself, Inc.
_______________________________________________
Laconica-dev mailing list
[email protected]
http://mail.laconi.ca/mailman/listinfo/laconica-dev
