Mercurial Mercurial > repos > enano-1.0 / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
includes/functions.php
changeset 316 42419c99471c
parent 308 25691e0841f1
child 318 eec2dfd2f0a3
equal deleted inserted replaced
315:01e7206b4441 316:42419c99471c 
  1852   // Vulnerability from ha.ckers.org/xss.html:
 
  1852   // Vulnerability from ha.ckers.org/xss.html:
 
  1853   // <script src="http://foo.com/xss.js"
 
  1853   // <script src="http://foo.com/xss.js"
 
  1854   // <
 
  1854   // <
 
  1855   // The rule is so specific because everything else will have been filtered by now
 
  1855   // The rule is so specific because everything else will have been filtered by now
 
  1856   $html = preg_replace('/<(script|iframe)(.+?)src=([^>]*)</i', '&lt;\\1\\2src=\\3&lt;', $html);
 
  1856   $html = preg_replace('/<(script|iframe)(.+?)src=([^>]*)</i', '&lt;\\1\\2src=\\3&lt;', $html);
 
       
  1857   
       
  1858   // Vulnerability reported by fuzion from nukeit.org:
 
       
  1859   // XSS in closing HTML tag style attribute
 
       
  1860   // Fix: escape all closing tags with non-whitelisted characters
 
       
  1861   $html = preg_replace('!</((?:.*)([^a-z0-9-_:]+)(?:.*))>!', '&lt;/\\1&gt;', $html);
 
  1857 
  1862 
  1858   // Restore stripped comments
 
  1863   // Restore stripped comments
 
  1859   $i = 0;
 
  1864   $i = 0;
 
  1860   foreach ( $comment_match[0] as $comment )
 
  1865   foreach ( $comment_match[0] as $comment )
 
  1861   {
 
  1866   {
Enano CMS (1.0.x)