summaryrefslogtreecommitdiffstats
path: root/index.php
diff options
context:
space:
mode:
authorAndrey Andreev <narf@devilix.net>2015-09-17 14:03:03 +0200
committerAndrey Andreev <narf@devilix.net>2015-09-17 14:03:03 +0200
commit3ceb14a4325a8a3d47747dff3d50fbc392fc3206 (patch)
tree1ecb512dd9344e9524f091808b27311bd6ea06c8 /index.php
parent2022c160a29c5840992e17c23ed79baaaf4a956c (diff)
Refactor 'evil attributes' sanitization logic
Turned out pretty much impossible to do remove 'evil attributes' with just one pattern - it either breaks something else, hits pcre.backtrack_limit or causes PHP to segfault. No benchmarks made, but there shouldn't be any performance regressions since we're now trying to strip attributes only after it is determined that they are inside a tag; up until now this was done seprately for _sanitize_naughty_html() and _remove_evil_attributes().
Diffstat (limited to 'index.php')
0 files changed, 0 insertions, 0 deletions