Commit e4be0eb7 authored by Dries's avatar Dries

- Patch #327331 by mr.baileys, wrwrwr: fix filter_xss() to not allow empty...

- Patch #327331 by mr.baileys, wrwrwr: fix filter_xss() to not allow empty style/on* attributes at end of opening tag.
parent a1277471
...@@ -1441,7 +1441,7 @@ function _filter_xss_attributes($attr) { ...@@ -1441,7 +1441,7 @@ function _filter_xss_attributes($attr) {
} }
// The attribute list ends with a valueless attribute like "selected". // The attribute list ends with a valueless attribute like "selected".
if ($mode == 1) { if ($mode == 1 && !$skip) {
$attrarr[] = $attrname; $attrarr[] = $attrname;
} }
return $attrarr; return $attrarr;
......
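Review bot: The comment directly above the changed `if` still describes only the allowed case ("a valueless attribute like selected"), so the new `!$skip` condition reads as unexplained; the comment should say why a valueless attribute can also be dropped here, e.g. `// The attribute list ends with a valueless attribute like "selected". If that attribute was disallowed (e.g. an empty on* or style attribute), $skip is set and it must not be re-added.` The guard also relies on `$skip` reflecting the attribute most recently parsed; `$skip` and `$mode` are assigned in the loop above, which lies outside this hunk, so it is worth confirming that `$skip` is reset at the start of each attribute rather than only when a value is seen. The body of `_filter_xss_attributes` begins outside the hunk.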
...@@ -912,6 +912,9 @@ class FilterUnitTestCase extends DrupalUnitTestCase { ...@@ -912,6 +912,9 @@ class FilterUnitTestCase extends DrupalUnitTestCase {
$f = _filter_html('<p onerror="alert(0);" />', $filter); $f = _filter_html('<p onerror="alert(0);" />', $filter);
$this->assertNoNormalized($f, 'onerror', t('HTML filter should remove on* attributes on default.')); $this->assertNoNormalized($f, 'onerror', t('HTML filter should remove on* attributes on default.'));
$f = _filter_html('<code onerror>&nbsp;</code>', $filter);
$this->assertNoNormalized($f, 'onerror', t('HTML filter should remove empty on* attributes on default.'));
} }
/** /**
......
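Review bot: The new test covers only a valueless `onerror`, whereas the commit title says the fix is for empty `style` and `on*` attributes at the end of an opening tag, so the `style` case is left untested. If the default filter strips `style` as it does `on*` attributes (as the title suggests), add the parallel assertion: `$f = _filter_html('<code style>&nbsp;</code>', $filter);` followed by `$this->assertNoNormalized($f, 'style', t('HTML filter should remove empty style attributes on default.'));`. A case with the empty attribute followed by another attribute (e.g. `<code onerror class="x">`) would also distinguish the end-of-tag path this patch changes from the mid-tag path. The enclosing test method starts outside the hunk.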