How Safe is SimplePie?


I'm planning to use SimplePie in a public project (Feed sources are not trusted).

So I wonder how safe the library is. During parsing, does it skip XSS snippets, SQL injections, and other infection methods that may appear in a website's feed?

Is there any option/code I can change/add/remove for better security?

Thank You

Best Answer

I think this is probably not the right place to ask this kind of question. However, looking at the Parser.php file I don't see anything that explicitly tries to sanitize data although there is a file called Sanitize.php that appears to disallow some HTML tags among other things.

If you are really concerned about security, then you will probably have to really dig into the code and modify it to do what you want.
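An added example, not part of the answer above and not SimplePie code: one way to treat fields read from an untrusted feed as hostile at the point of output and storage, whatever the parser did to them first. The function names, the `items` table and the sample item are assumptions made for the illustration.

```php
<?php
// Added example: defensive handling of values read from an untrusted feed.
// All names here (safe_link, h, render_item, store_item, table "items") are hypothetical.

/** Allow only http(s) links; anything else (javascript:, data:, ...) becomes null. */
function safe_link(string $url): ?string
{
    $url = trim($url);
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (!in_array($scheme, ['http', 'https'], true)) {
        return null;
    }
    return filter_var($url, FILTER_VALIDATE_URL) !== false ? $url : null;
}

/** Escape a string for an HTML text or quoted-attribute context. */
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Render one item as a plain-text title plus a vetted link. */
function render_item(array $item): string
{
    $title = h(strip_tags($item['title']));
    $link = safe_link($item['link']);
    if ($link === null) {
        return "<li>$title</li>";
    }
    return '<li><a href="' . h($link) . '" rel="noopener noreferrer nofollow">'
        . $title . '</a></li>';
}

/** Store with bound parameters so feed text is never interpreted as SQL. */
function store_item(PDO $db, array $item): void
{
    $stmt = $db->prepare('INSERT INTO items (title, link) VALUES (:title, :link)');
    $stmt->execute([':title' => $item['title'], ':link' => safe_link($item['link'])]);
}

// Constructed sample items standing in for values returned by a feed parser.
$items = [
    ['title' => '<script>alert(1)</script>News', 'link' => 'javascript:alert(1)'],
    ['title' => 'Release "2.0" & notes', 'link' => 'https://example.com/post?id=1'],
];
foreach ($items as $item) {
    echo render_item($item), PHP_EOL;
}
```

The first sample renders without a link and with its markup stripped and escaped; the second keeps its `https` link with the quotes and ampersand entity-encoded.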