Originally reported by Anonymous as issue 142
While parsing an RSS feed, sanitize failed to strip class and style attributes correctly. I stripped the offending CDATA to this:
<img src="" class="" style=""/>
Playing around, I removed the "/" at the end of the img tag and suddenly it worked! So, I went to the sanitize method and tweaked the regex used to clean up attributes (somewhere around line 14874). Essentially, I changed the very tail end of it from
to allow for a closing slash. That seems to have fixed it.
Using Build 20090627192103
Fixed as of 878c83c since we now use DOM parsing.