From 4c866e0b911fcc82cf49b317178788ce3c319bd4 Mon Sep 17 00:00:00 2001 From: brian978 Date: Mon, 3 Dec 2012 21:18:20 +0200 Subject: Added small improvement to the _remove_evil_attributes function Signed-off-by: brian978 Signed-off-by: Wes Baker Conflicts: system/core/Security.php --- system/core/Security.php | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) (limited to 'system/core/Security.php') diff --git a/system/core/Security.php b/system/core/Security.php index 00089d765..b0d39b981 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -619,17 +619,16 @@ class CI_Security { $count = 0; $attribs = array(); - // find occurrences of illegal attribute strings without quotes - preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*([^\s>]*)/is', $str, $matches, PREG_SET_ORDER); + // find occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes) + preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is', $str, $matches, PREG_SET_ORDER); foreach ($matches as $attr) { - $attribs[] = preg_quote($attr[0], '/'); } - // find occurrences of illegal attribute strings with quotes (042 and 047 are octal quotes) - preg_match_all("/(".implode('|', $evil_attributes).")\s*=\s*(\042|\047)([^\\2]*?)(\\2)/is", $str, $matches, PREG_SET_ORDER); + // find occurrences of illegal attribute strings without quotes + preg_match_all('/('.implode('|', $evil_attributes).')\s*=\s*([^\s>]*)/is', $str, $matches, PREG_SET_ORDER); foreach ($matches as $attr) { @@ -639,7 +638,7 @@ class CI_Security { // replace illegal attribute strings that are inside an html tag if (count($attribs) > 0) { - $str = preg_replace("/<(\/?[^><]+?)([^A-Za-z<>\-])(.*?)(".implode('|', $attribs).")(.*?)([\s><])([><]*)/i", '<$1 $3$5$6$7', $str, -1, $count); + $str = preg_replace('/(<]+?)([^A-Za-z<>\-])(.*?)('.implode('|', $attribs).')(.*?)([\s><]?)([><]*)/i', '$1$2 $4$6$7$8', $str, -1, $count); } } while ($count); @@ -873,4 +872,4 @@ class CI_Security { } /* End of file Security.php */ -/* Location: ./system/libraries/Security.php */ \ No newline at end of file +/* Location: ./system/libraries/Security.php */ -- cgit v1.2.3-24-g4f1b From c5f99fdcc5c4a918b5b8fe3ddbd56ab25ad1c22b Mon Sep 17 00:00:00 2001 From: Wes Baker Date: Mon, 8 Jul 2013 17:22:21 -0400 Subject: Updating User Guide for 2.1.4. --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core/Security.php') diff --git a/system/core/Security.php b/system/core/Security.php index b0d39b981..a7db5a46b 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -609,7 +609,7 @@ class CI_Security { if ($is_image === TRUE) { /* - * Adobe Photoshop puts XML metadata into JFIF images, + * Adobe Photoshop puts XML metadata into JFIF images, * including namespacing, so we have to allow this for images. */ unset($evil_attributes[array_search('xmlns', $evil_attributes)]); -- cgit v1.2.3-24-g4f1b From 763e0bac83767dc2b8ae2c92192580a95121a624 Mon Sep 17 00:00:00 2001 From: Wes Baker Date: Mon, 8 Jul 2013 17:25:20 -0400 Subject: Revert "Updating User Guide for 2.1.4." This reverts commit c5f99fdcc5c4a918b5b8fe3ddbd56ab25ad1c22b. Signed-off-by: Wes Baker --- system/core/Security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'system/core/Security.php') diff --git a/system/core/Security.php b/system/core/Security.php index a7db5a46b..b0d39b981 100755 --- a/system/core/Security.php +++ b/system/core/Security.php @@ -609,7 +609,7 @@ class CI_Security { if ($is_image === TRUE) { /* - * Adobe Photoshop puts XML metadata into JFIF images, + * Adobe Photoshop puts XML metadata into JFIF images, * including namespacing, so we have to allow this for images. */ unset($evil_attributes[array_search('xmlns', $evil_attributes)]); -- cgit v1.2.3-24-g4f1b