diff options
| -rw-r--r-- | system/core/Security.php | 2 | ||||
| -rw-r--r-- | tests/codeigniter/core/Security_test.php | 2 |
2 files changed, 3 insertions, 1 deletions
diff --git a/system/core/Security.php b/system/core/Security.php index 216f0e98b..da497762d 100644 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -772,7 +772,7 @@ class CI_Security { */ protected function _remove_evil_attributes($str, $is_image) { - $evil_attributes = array('on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href'); + $evil_attributes = array('on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href', 'FSCommand', 'seekSegmentTime'); if ($is_image === TRUE) { diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php index b5524da0f..3acd2a598 100644 --- a/tests/codeigniter/core/Security_test.php +++ b/tests/codeigniter/core/Security_test.php @@ -144,6 +144,8 @@ class Security_test extends CI_TestCase { $this->assertEquals('<foo prefixOnAttribute="bar">', $this->security->remove_evil_attributes('<foo prefixOnAttribute="bar">', FALSE)); $this->assertEquals('<foo>onOutsideOfTag=test</foo>', $this->security->remove_evil_attributes('<foo>onOutsideOfTag=test</foo>', FALSE)); $this->assertEquals('onNoTagAtAll = true', $this->security->remove_evil_attributes('onNoTagAtAll = true', FALSE)); + $this->assertEquals('<foo [removed]>', $this->security->remove_evil_attributes('<foo fscommand=case-insensitive>', FALSE)); + $this->assertEquals('<foo [removed]>', $this->security->remove_evil_attributes('<foo seekSegmentTime=whatever>', FALSE)); } // -------------------------------------------------------------------- |