From 07ccbe59cf9d78d944551f810a14064e979840a3 Mon Sep 17 00:00:00 2001
From: brian978
Date: Tue, 11 Dec 2012 20:24:12 +0200
Subject: Modified regexp to match partial tags
---
 system/core/Security.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'system/core')
diff --git a/system/core/Security.php b/system/core/Security.php
index c179c46ff..70e9e973c 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -329,7 +329,7 @@ class CI_Security {
 * these are the ones that will pose security problems.
 */
 $str = preg_replace_callback("/[a-z]+=([\'\"]).*?\\1/si", array($this, '_convert_attribute'), $str);
- $str = preg_replace_callback('/<\w+.*?=.*?>/si', array($this, '_decode_entity'), $str);
+ $str = preg_replace_callback('/<\w+.*/si', array($this, '_decode_entity'), $str);
 // Remove Invisible Characters Again!
 $str = remove_invisible_characters($str);
@@ -529,7 +529,7 @@ class CI_Security {
 do { $matches = $matches1 = 0; - + $str = html_entity_decode($str, ENT_COMPAT, $charset); $str = preg_replace('~&#x(0*[0-9a-f]{2,5})~ei', 'chr(hexdec("\\1"))', $str, -1, $matches); $str = preg_replace('~&#([0-9]{2,4})~e', 'chr(\\1)', $str, -1, $matches1);
--
cgit v1.2.3-24-g4f1b
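Review bot: The new pattern `/<\w+.*/si` in the second `preg_replace_callback` call of the first hunk is greedy and runs with the `s` flag, so from the first `<` followed by a word character it matches through to the end of `$str`, and `_decode_entity` receives the whole remainder in a single call, including any plain text that follows the tag. That covers unterminated tags, but it widens the decode well beyond the tags the comment above describes, so entities a user typed as literal text after any tag would presumably be decoded too (the callback body is not visible here). If that breadth is intended, say so next to the call, e.g. `// Unbounded on purpose: decode from the first tag-like '<' to the end of input so unterminated tags are covered`, and add regression cases for an unterminated tag and for encoded entities in text after a closed tag. The enclosing method starts and ends outside the hunk.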