diff options
author | Derek Jones <derek.jones@ellislab.com> | 2008-08-27 16:58:12 +0200 |
---|---|---|
committer | Derek Jones <derek.jones@ellislab.com> | 2008-08-27 16:58:12 +0200 |
commit | 9dee6ec7bf77e15a1227785292e507f1a6126a8f (patch) | |
tree | 7b9e23bbfb7acc5331f7e2b231fe22b62da97fe6 /system/libraries | |
parent | 4f3e46129d4ed11c1a1d1570a6ec0580b0a10dc7 (diff) |
modified regex for image tag sanitization to retain trailing space and closing slash to remain valid XHTML
Diffstat (limited to 'system/libraries')
-rw-r--r-- | system/libraries/Input.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/system/libraries/Input.php b/system/libraries/Input.php index ff1dd9b15..dc5b5e5a9 100644 --- a/system/libraries/Input.php +++ b/system/libraries/Input.php @@ -685,7 +685,7 @@ class CI_Input { if (preg_match("/<img/i", $str))
{
- $str = preg_replace_callback("#<img\s+([^>]*?)(>|$)#si", array($this, '_js_img_removal'), $str);
+ $str = preg_replace_callback("#<img\s+([^>]*?)(\s?/?>|$)#si", array($this, '_js_img_removal'), $str);
}
if (preg_match("/script/i", $str) OR preg_match("/xss/i", $str))
|