Bug 1321247, sanitize forms out of the RSS reader, r?dveditz
MozReview-Commit-ID: DOPHvrYv3wJ
--- a/toolkit/components/feeds/FeedProcessor.js
+++ b/toolkit/components/feeds/FeedProcessor.js
@@ -620,17 +620,18 @@ TextConstruct.prototype = {
var isXML;
if (this.type == "xhtml")
isXML = true
else if (this.type == "html")
isXML = false;
else
return null;
- return this.parserUtils.parseFragment(this.text, 0, isXML,
+ let flags = Ci.nsIParserUtils.SanitizerDropForms;
+ return this.parserUtils.parseFragment(this.text, flags, isXML,
this.base, element);
},
// XPCOM stuff
classID: TEXTCONSTRUCT_CLASSID,
QueryInterface: XPCOMUtils.generateQI([Ci.nsIFeedTextConstruct])
}