authorDerek Jones <derek.jones@ellislab.com>2008-08-27 16:58:12 +0200
committerDerek Jones <derek.jones@ellislab.com>2008-08-27 16:58:12 +0200
commit9dee6ec7bf77e15a1227785292e507f1a6126a8f (patch)
tree7b9e23bbfb7acc5331f7e2b231fe22b62da97fe6 /system/libraries/Input.php
parent4f3e46129d4ed11c1a1d1570a6ec0580b0a10dc7 (diff)
modified regex for image tag sanitization to retain trailing space and closing slash to remain valid XHTML
Diffstat (limited to 'system/libraries/Input.php')
-rw-r--r--system/libraries/Input.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/system/libraries/Input.php b/system/libraries/Input.php
index ff1dd9b15..dc5b5e5a9 100644
--- a/system/libraries/Input.php
+++ b/system/libraries/Input.php
@@ -685,7 +685,7 @@ class CI_Input {
if (preg_match("/<img/i", $str))
{
- $str = preg_replace_callback("#<img\s+([^>]*?)(>|$)#si", array($this, '_js_img_removal'), $str);
+ $str = preg_replace_callback("#<img\s+([^>]*?)(\s?/?>|$)#si", array($this, '_js_img_removal'), $str);
}
if (preg_match("/script/i", $str) OR preg_match("/xss/i", $str))
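Review bot: The new terminator `(\s?/?>|$)` on the added `preg_replace_callback` line accepts at most one whitespace character before the optional slash, so a tag written with two spaces before `/>` still leaves trailing whitespace in group 1 while one written with a single space does not; `(\s*/?>|$)` would make the capture boundary the same for both. Since the commit moves the trailing ` /` out of the group that holds the attribute text, the line deserves a comment such as `// group 2 keeps an optional " /" so self-closing XHTML img tags stay valid`. Regression cases for `>`, `/>`, ` />` and an unterminated tag at end of input would pin the sanitizer's behaviour across future regex edits. `_js_img_removal` and the rest of the enclosing method are outside the hunk, so how the callback uses the two groups is inferred here, not confirmed.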