author | Andrey Andreev <narf@devilix.net> | 2015-09-14 10:16:33 +0200 |
---|---|---|
committer | Andrey Andreev <narf@devilix.net> | 2015-09-14 10:16:33 +0200 |
commit | 2a2578b396401ac81017b9cd52189f1fcb497b1e (patch) | |
tree | 7f4cc4dcae7e1fb2d50df42a4a10ec296698e048 /system/core | |
parent | 70f60d07253d301ec62789f78587db0dac826a27 (diff) |
Add 'eval' to a JS blacklist in xss_clean()
Diffstat (limited to 'system/core')
-rw-r--r-- | system/core/Security.php | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/system/core/Security.php b/system/core/Security.php
index dd3b2c8f0..3142f7da2 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -436,7 +436,7 @@ class CI_Security {
 $words = array(
 'javascript', 'expression', 'vbscript', 'jscript', 'wscript',
 'vbs', 'script', 'base64', 'applet', 'alert', 'document',
- 'write', 'cookie', 'window', 'confirm', 'prompt'
+ 'write', 'cookie', 'window', 'confirm', 'prompt', 'eval'
 );
 
 foreach ($words as $word)
@@ -902,12 +902,15 @@ class CI_Security {
 */
 protected function _js_img_removal($match)
 {
- return str_replace($match[1],
- preg_replace('#src=.*?(?:(?:alert|prompt|confirm)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|<script|<xss|base64\s*,)#si',
- '',
- $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1]))
- ),
- $match[0]);
+ return str_replace(
+ $match[1],
+ preg_replace(
+ '#src=.*?(?:(?:alert|prompt|confirm|eval)(?:\(|&\#40;)|javascript:|livescript:|mocha:|charset=|window\.|document\.|\.cookie|<script|<xss|base64\s*,)#si',
+ '',
+ $this->_filter_attributes(str_replace(array('<', '>'), '', $match[1]))
+ ),
+ $match[0]
+ );
 }
 
 // -------------------------------------------------------------------- |
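Review bot: The `(?:alert|prompt|confirm|eval)` alternation in `_js_img_removal()` and the `$words` array in the first hunk are now two hand-maintained copies of the same token blacklist, and nothing in the code ties them together, so the next entry can easily land in one and be missed in the other. Add `// Keep this alternation in sync with the $words blacklist in xss_clean()` directly above the `preg_replace(` call. The loop over `$words` presumably collapses spaced-out spellings before this regex runs, which is why both lists need identical entries — the loop body is outside the hunk, so confirm that ordering. If `_js_link_removal()` in this class carries the same alternation for `href=`, it is not touched by this commit and should receive `eval` as well, otherwise the `<a>` path keeps a gap the `<img>` path now closes. `_js_img_removal()` is shown in full here, but its docblock opens before the hunk.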