From fbc7ae43c8e0cb3ebbaf4349f2bfed5d96e6fb68 Mon Sep 17 00:00:00 2001
From: Andrew Nacin <nacin@git.wordpress.org>
Date: Fri, 21 Jun 2013 03:29:13 +0000
Subject: [PATCH] Better sanity checks in oEmbed XML handling. see [23158].

git-svn-id: https://develop.svn.wordpress.org/trunk@24470 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-includes/class-oembed.php | 33 +++++++++++----------------------
 1 file changed, 11 insertions(+), 22 deletions(-)

diff --git a/wp-includes/class-oembed.php b/wp-includes/class-oembed.php
index fb225ad6ef..a56cdc6008 100644
--- a/wp-includes/class-oembed.php
+++ b/wp-includes/class-oembed.php
@@ -224,35 +224,24 @@ class WP_oEmbed {
 		if ( !function_exists('simplexml_load_string') ) {
 			return false;
 		}
-
-		if ( ! class_exists( 'DOMDocument' ) )
+		if ( ! function_exists( 'libxml_disable_entity_loader' ) )
 			return false;
 
+		$loader = libxml_disable_entity_loader( true );
+
 		$errors = libxml_use_internal_errors( true );
-		$old_value = null;
-		if ( function_exists( 'libxml_disable_entity_loader' ) ) {
-			$old_value = libxml_disable_entity_loader( true );
-		}
-
-		$dom = new DOMDocument;
-		$success = $dom->loadXML( $response_body );
-
-		if ( ! is_null( $old_value ) ) {
-			libxml_disable_entity_loader( $old_value );
-		}
+		$data = simplexml_load_string( $response_body );
 		libxml_use_internal_errors( $errors );
 
-		if ( ! $success || isset( $dom->doctype ) ) {
-			return false;
+		$return = false;
+		if ( is_object( $data ) ) {
+			$return = new stdClass;
+			foreach ( $data as $key => $value ) {
+				$return->$key = (string) $value;
+			}
 		}
 
-		$data = simplexml_import_dom( $dom );
-		if ( ! is_object( $data ) )
-			return false;
-
-		$return = new stdClass;
-		foreach ( $data as $key => $value )
-			$return->$key = (string) $value;
+		libxml_disable_entity_loader( $loader );
 		return $return;
 	}