From 9959fedc755786c34cb5a671443701e8f2885617 Mon Sep 17 00:00:00 2001
From: Derek Jones <derek.jones@ellislab.com>
Date: Wed, 4 Feb 2009 20:37:40 +0000
Subject: improvements to xss_clean()

---
 system/libraries/Input.php | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

(limited to 'system/libraries')

diff --git a/system/libraries/Input.php b/system/libraries/Input.php
index 347aac3ac..e879e2d13 100644
--- a/system/libraries/Input.php
+++ b/system/libraries/Input.php
@@ -47,9 +47,10 @@ class CI_Input {
 									);
 	/* never allowed, regex replacement */
 	var $never_allowed_regex = array(
-										"javascript\s*:"	=> '[removed]',
-										"expression\s*\("	=> '[removed]', // CSS and IE
-										"Redirect\s+302"	=> '[removed]'
+										"javascript\s*:"			=> '[removed]',
+										"expression\s*(\(|&\#40;)"	=> '[removed]', // CSS and IE
+										"vbscript\s*:"				=> '[removed]', // IE, surprise!
+										"Redirect\s+302"			=> '[removed]'
 									);
 
 	/**
@@ -946,7 +947,7 @@ class CI_Input {
 	*/
 	function _convert_attribute($match)
 	{
-		return str_replace(array('>', '<'), array('&gt;', '&lt;'), $match[0]);
+		return str_replace(array('>', '<', '\\'), array('&gt;', '&lt;', '\\\\'), $match[0]);
 	}
 
 	// --------------------------------------------------------------------
@@ -1043,7 +1044,7 @@ class CI_Input {
 		{
 			foreach ($matches[0] as $match)
 			{
-				$out .= "{$match}";
+				$out .= preg_replace("#/\*.*?\*/#s", '', $match);
 			}
 		}
 
-- 
cgit v1.2.3-24-g4f1b