diff options
| author | Derek Jones <derek.jones@ellislab.com> | 2008-05-30 23:22:27 +0200 |
|---|---|---|
| committer | Derek Jones <derek.jones@ellislab.com> | 2008-05-30 23:22:27 +0200 |
| commit | 92bb3e6ad6083b13213c4c3e71d0fbb6a7f83971 (patch) | |
| tree | d45ea1b921bce7264d541812d8bfe6e4c5f76643 /system/libraries | |
| parent | 9f23e7c24c9786bbe576ca6df3dc362581216bef (diff) | |
decided just to kill all on*= event handlers, rather than trying to keep up with (and require users to do the same) with a blacklist.
Diffstat (limited to 'system/libraries')
| -rw-r--r-- | system/libraries/Input.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/system/libraries/Input.php b/system/libraries/Input.php index 5f066cc5e..b111108eb 100644 --- a/system/libraries/Input.php +++ b/system/libraries/Input.php @@ -757,7 +757,7 @@ class CI_Input { * but it's unlikely to be a problem.
*
*/
- $event_handlers = array('onblur','onchange','onclick','ondblclick','onended','onerror','onfocus','onkeydown','onkeypress','onkeyup','onload','onmousedown','onmousemove','onmouseover','onmouseout','onmouseup','onresize','onselect','onsubmit','onunload','xmlns');
+ $event_handlers = array('xmlns');
if ($is_image === TRUE)
{
@@ -768,7 +768,7 @@ class CI_Input { unset($event_handlers[array_search('xmlns', $event_handlers)]);
}
- $str = preg_replace("#<([^><]+)(".implode('|', $event_handlers).")(\s*=\s*[^><]*)([><]*)#i", "<\\1\\4", $str);
+ $str = preg_replace("#<([^><]+)((?=on\w*)|".implode('|', $event_handlers).")(\s*=\s*[^><]*)([><]*)#i", "<\\1\\4", $str);
/*
* Sanitize naughty HTML elements
|