From ab0e31f09a8cf3596e6547fc47fd085a0d2bcdd0 Mon Sep 17 00:00:00 2001
From: Derek Jones
Date: Fri, 5 Dec 2008 22:03:47 +0000
Subject: fixed a bug where whitespace would be lost if a string was forced
into a character entity e.g.
&foo you know?
would become
&foo;you know?
instead of
&foo; you know?
---
system/libraries/Input.php | 2 +-
user_guide/changelog.html | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/system/libraries/Input.php b/system/libraries/Input.php
index f26df7552..347aac3ac 100644
--- a/system/libraries/Input.php
+++ b/system/libraries/Input.php
@@ -555,7 +555,7 @@ class CI_Input {
* the conversion of entities to ASCII later.
*
*/
- $str = preg_replace('#(&\#?[0-9a-z]{2,})[\x00-\x20]*;?#i', "\\1;", $str);
+ $str = preg_replace('#(&\#?[0-9a-z]{2,})([\x00-\x20])*;?#i', "\\1;\\2", $str);
/*
* Validate UTF16 two byte encoding (x00)
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 48b197083..196817552 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -93,6 +93,7 @@ SVN Revision:
Fixed some accuracy issues with curly quotes in Typography::format_characters()
Changed a few docblock comments to reflect actual return values.
Fixed a bug with high ascii characters in subject and from email headers.
+ Fixed a bug in xss_clean() where whitespace following a validated character entity would not be preserved.
--
cgit v1.2.3-24-g4f1b