From ab0e31f09a8cf3596e6547fc47fd085a0d2bcdd0 Mon Sep 17 00:00:00 2001
From: Derek Jones <derek.jones@ellislab.com>
Date: Fri, 5 Dec 2008 22:03:47 +0000
Subject: fixed a bug where whitespace would be lost if a string was forced
 into a character entity e.g.

	&foo you know?

would become

	&foo;you know?

instead of

	&foo; you know?
---
 system/libraries/Input.php | 2 +-
 user_guide/changelog.html  | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/system/libraries/Input.php b/system/libraries/Input.php
index f26df7552..347aac3ac 100644
--- a/system/libraries/Input.php
+++ b/system/libraries/Input.php
@@ -555,7 +555,7 @@ class CI_Input {
 		* the conversion of entities to ASCII later.
 		*
 		*/
-		$str = preg_replace('#(&\#?[0-9a-z]{2,})[\x00-\x20]*;?#i', "\\1;", $str);
+		$str = preg_replace('#(&\#?[0-9a-z]{2,})([\x00-\x20])*;?#i', "\\1;\\2", $str);
 
 		/*
 		* Validate UTF16 two byte encoding (x00) 
diff --git a/user_guide/changelog.html b/user_guide/changelog.html
index 48b197083..196817552 100644
--- a/user_guide/changelog.html
+++ b/user_guide/changelog.html
@@ -93,6 +93,7 @@ SVN Revision: </p>
 	<li>Fixed some accuracy issues with curly quotes in Typography::format_characters()</li>
 	<li>Changed a few docblock comments to reflect actual return values.</li>
 	<li>Fixed a bug with high ascii characters in subject and from email headers.</li>
+	<li>Fixed a bug in xss_clean() where whitespace following a validated character entity would not be preserved.</li>
 </ul>
 
 
-- 
cgit v1.2.3-24-g4f1b