From 0a83fcc748ef29e644bf9e8cac4d7dd9a7408d5f Mon Sep 17 00:00:00 2001
From: brian978 <dbrian89@yahoo.com>
Date: Mon, 10 Dec 2012 13:05:06 +0200
Subject: Fixed bug with regexp that matched tags

---
 system/core/Security.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/system/core/Security.php b/system/core/Security.php
index 220188edc..635f9ff31 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -329,7 +329,7 @@ class CI_Security {
 		 * these are the ones that will pose security problems.
 		 */
 		$str = preg_replace_callback("/[a-z]+=([\'\"]).*?\\1/si", array($this, '_convert_attribute'), $str);
-		$str = preg_replace_callback('/<\w+.*?(?=>|<|$)/si', array($this, '_decode_entity'), $str);
+		$str = preg_replace_callback('/<\w+.*?=.*?>\b/si', array($this, '_decode_entity'), $str);
 
 		// Remove Invisible Characters Again!
 		$str = remove_invisible_characters($str);
-- 
cgit v1.2.3-24-g4f1b