diff options
| author | Derek Jones <derek.jones@ellislab.com> | 2009-02-04 21:37:40 +0100 |
|---|---|---|
| committer | Derek Jones <derek.jones@ellislab.com> | 2009-02-04 21:37:40 +0100 |
| commit | 9959fedc755786c34cb5a671443701e8f2885617 (patch) | |
| tree | 94381278a3c27394bb0b8a508fb3c0d9327e72ab | |
| parent | 2976adee7ca940cf1cfeb40d2f5e1beb608548a6 (diff) | |
improvements to xss_clean()
| -rw-r--r-- | system/libraries/Input.php | 11 | ||||
| -rw-r--r-- | user_guide/changelog.html | 1 |
2 files changed, 7 insertions, 5 deletions
diff --git a/system/libraries/Input.php b/system/libraries/Input.php index 347aac3ac..e879e2d13 100644 --- a/system/libraries/Input.php +++ b/system/libraries/Input.php @@ -47,9 +47,10 @@ class CI_Input { ); /* never allowed, regex replacement */ var $never_allowed_regex = array( - "javascript\s*:" => '[removed]', - "expression\s*\(" => '[removed]', // CSS and IE - "Redirect\s+302" => '[removed]' + "javascript\s*:" => '[removed]', + "expression\s*(\(|&\#40;)" => '[removed]', // CSS and IE + "vbscript\s*:" => '[removed]', // IE, surprise! + "Redirect\s+302" => '[removed]' ); /** @@ -946,7 +947,7 @@ class CI_Input { */ function _convert_attribute($match) { - return str_replace(array('>', '<'), array('>', '<'), $match[0]); + return str_replace(array('>', '<', '\\'), array('>', '<', '\\\\'), $match[0]); } // -------------------------------------------------------------------- @@ -1043,7 +1044,7 @@ class CI_Input { { foreach ($matches[0] as $match) { - $out .= "{$match}"; + $out .= preg_replace("#/\*.*?\*/#s", '', $match); } } diff --git a/user_guide/changelog.html b/user_guide/changelog.html index 6c32f5071..43059397b 100644 --- a/user_guide/changelog.html +++ b/user_guide/changelog.html @@ -88,6 +88,7 @@ SVN Revision: </p> </li> <li>Other Changes <ul> + <li>Improved security in <kbd>xss_clean()</kbd>.</li> <li>Added 'application/msexcel' to config/mimes.php for .xls files.</li> </ul> </li> |