From 949e2ab4d283244594414fa09d100187865c0657 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov
Date: Fri, 24 Sep 2021 08:40:06 +0300
Subject: [PATCH] properly sanitize video poster attribute
---
 classes/sanitizer.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/classes/sanitizer.php b/classes/sanitizer.php
index 0a444a296..3f6e9504e 100644
--- a/classes/sanitizer.php
+++ b/classes/sanitizer.php
@@ -68,7 +68,7 @@ class Sanitizer {
 // $rewrite_base_url = $site_url ? $site_url : Config::get_self_url();
 $rewrite_base_url = $site_url ? $site_url : "http://domain.invalid/";
- $entries = $xpath->query('(//a[@href]|//img[@src]|//source[@srcset|@src])');
+ $entries = $xpath->query('(//a[@href]|//img[@src]|//source[@srcset|@src]|//video[@poster])');
 foreach ($entries as $entry) {
@@ -100,6 +100,11 @@ class Sanitizer {
 $entry->setAttribute("srcset", RSSUtils::encode_srcset($matches));
 }
+ if ($entry->hasAttribute('poster')) {
+ $entry->setAttribute('poster',
+ UrlHelper::rewrite_relative($rewrite_base_url, $entry->getAttribute('poster'), $entry->tagName, "poster"));
+ }
+
 if ($entry->hasAttribute('src') && ($owner && get_pref(Prefs::STRIP_IMAGES, $owner)) || $force_remove_images || ($_SESSION["bw_limit"] ?? false)) {
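Review bot: The added `//video[@poster]` predicate brings a `<video>` element into the loop only when it carries a poster, so whatever `src` handling sits between the two hunks (not visible here) applies to a video with a poster but never to one without. If that handling is meant to cover `<video src>` as well, `//video[@poster|@src]` would make the treatment independent of an unrelated attribute; if it is not, a short comment above the query saying that video `src` is deliberately left to other code would help the next reader. A sanitizer test feeding a relative and a non-http `poster` value would pin what this commit claims to fix.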
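Review bot: The image-stripping condition directly below the added block still tests only `hasAttribute('src')`, so with `Prefs::STRIP_IMAGES`, `$force_remove_images` or `bw_limit` in effect a `<video poster>` presumably keeps its poster and the client still fetches that remote image. Consider dropping the attribute under the same condition, e.g. `$entry->removeAttribute('poster');`. Because `&&` binds tighter than `||` in that condition, the last two flags enter the branch even for entries without `src`, which now include poster-only videos; the branch body lies outside the hunk, so confirm it copes with an empty `src`. How `UrlHelper::rewrite_relative` treats non-http schemes for the `video`/`poster` pair is not visible here and deserves a one-line comment at the call.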