Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
project
drupal
Commits
afd8ccaf
Commit
afd8ccaf
authored
Dec 28, 2005
by
Steven Wittens
Browse files
-
#27230
: Fix XHTML slash in XSS filter
parent
7445e8e8
Changes
2
Hide whitespace changes
Inline
Side-by-side
modules/filter.module
View file @
afd8ccaf
...
...
@@ -1134,13 +1134,14 @@ function _filter_xss_split($m, $store = FALSE) {
return
"</
$elem
>"
;
}
// Is there a closing XHTML slash at the end of the attributes?
$xhtml_slash
=
preg_match
(
'%\s/\s*$%'
,
$attr
)
?
'/'
:
''
;
$xhtml_slash
=
preg_match
(
'%\s
?
/\s*$%'
,
$attr
list
)
?
'
/'
:
''
;
// Clean up attributes
$attr2
=
implode
(
' '
,
_filter_xss_attributes
(
$attrlist
));
$attr2
=
preg_replace
(
'/[<>]/'
,
''
,
$attr2
);
$attr2
=
strlen
(
$attr2
)
?
' '
.
$attr2
:
''
;
return
"<
$elem
$attr2$xhtml_slash
>"
;
return
"<
$elem$attr2$xhtml_slash
>"
;
}
/**
...
...
modules/filter/filter.module
View file @
afd8ccaf
...
...
@@ -1134,13 +1134,14 @@ function _filter_xss_split($m, $store = FALSE) {
return
"</
$elem
>"
;
}
// Is there a closing XHTML slash at the end of the attributes?
$xhtml_slash
=
preg_match
(
'%\s/\s*$%'
,
$attr
)
?
'/'
:
''
;
$xhtml_slash
=
preg_match
(
'%\s
?
/\s*$%'
,
$attr
list
)
?
'
/'
:
''
;
// Clean up attributes
$attr2
=
implode
(
' '
,
_filter_xss_attributes
(
$attrlist
));
$attr2
=
preg_replace
(
'/[<>]/'
,
''
,
$attr2
);
$attr2
=
strlen
(
$attr2
)
?
' '
.
$attr2
:
''
;
return
"<
$elem
$attr2$xhtml_slash
>"
;
return
"<
$elem$attr2$xhtml_slash
>"
;
}
/**
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
