--- deliantra/Deliantra-Client/DC.pm	2012/11/17 10:40:08	1.216
+++ deliantra/Deliantra-Client/DC.pm	2012/11/21 13:23:10	1.217
@@ -67,6 +67,27 @@
    $_
 }
 
+sub sanitise_cfxml($) {
+   local $_ = shift;
+
+   # we now weed out all tags we do not support
+   s{ <(?! /?i> | /?u> | /?b> | /?big | /?small | /?s | /?tt | fg\ | /fg>)
+   }{
+      "&lt;"
+   }gex;
+
+   # now all entities
+   s/&(?!amp;|lt;|gt;|apos;|quot;|#[0-9]+;|#x[0-9a-fA-F]+;)/&amp;/g;
+
+   # handle some elements
+   s/<fg name='([^']*)'>(.*?)<\/fg>/<span foreground='$1'>$2<\/span>/gs;
+   s/<fg name="([^"]*)">(.*?)<\/fg>/<span foreground="$1">$2<\/span>/gs;
+
+   s/\s+$//;
+
+   $_
+}
+
 sub background(&;&) {
    my ($bg, $cb) = @_;