diff options
| author | Andrey Andreev <narf@devilix.net> | 2016-03-11 20:04:43 +0100 |
|---|---|---|
| committer | Andrey Andreev <narf@devilix.net> | 2016-03-11 20:04:43 +0100 |
| commit | a190d78a0238a0a6abd463823321bef15713e312 (patch) | |
| tree | a4e49327f8e6ca1660018cebf3b06131ae3e5faf /system/core/Security.php | |
| parent | 3b74f57cfa6c43eab4c7cce440a454d095974a45 (diff) | |
| parent | 4f9b20ae507dda7379d392386fb7ce5702626a91 (diff) | |
Merge branch '3.0-stable' into develop
Resolved conflicts:
system/core/CodeIgniter.php
user_guide_src/source/changelog.rst
user_guide_src/source/conf.py
user_guide_src/source/installation/downloads.rst
user_guide_src/source/installation/upgrading.rst
Diffstat (limited to 'system/core/Security.php')
| -rw-r--r-- | system/core/Security.php | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/system/core/Security.php b/system/core/Security.php index bad511dd3..d5305d1ca 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -762,7 +762,14 @@ class CI_Security { */ public function strip_image_tags($str) { - return preg_replace(array('#<img[\s/]+.*?src\s*=\s*["\'](.+?)["\'].*?\>#', '#<img[\s/]+.*?src\s*=\s*(.+?).*?\>#'), '\\1', $str); + return preg_replace( + array( + '#<img[\s/]+.*?src\s*=\s*(["\'])([^\\1]+?)\\1.*?\>#i', + '#<img[\s/]+.*?src\s*=\s*?(([^\s"\'=<>`]+)).*?\>#i' + ), + '\\2', + $str + ); } // ---------------------------------------------------------------- |