sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Security fix for comments: Strip out dangerousa tags.

Browse Source 
Fix by Michel V.


git-svn-id: https://develop.svn.wordpress.org/trunk@244 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Mike Little 2003-06-23 23:06:12 +00:00
parent 2f2d93d6ec
commit 199a0eaa76
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
b2-include/b2functions.php
View File

@ -1140,6 +1140,15 @@ function balanceTags($text, $is_comment = 0) {
return $text;
}
if ($is_comment) {
// sanitise HTML attributes, remove frame/applet tags
$text = preg_replace('#( on[a-z]{1,}|style|class|id)="(.*?)"#i', '', $text);
$text = preg_replace('#( on[a-z]{1,}|style|class|id)=\'(.*?)\'#i', '', $text);
$text = preg_replace('#([a-z]{1,})="(( |\t)*?)(javascript|vbscript|about):(.*?)"#i', '$1=""', $text);
$text = preg_replace('#([a-z]{1,})=\'(( |\t)*?)(javascript|vbscript|about):(.*?)\'#i', '$1=""', $text);
$text = preg_replace('#\<(\/{0,1})([a-z]{0,2})(frame|applet)(.*?)\>#i', '', $text);
}
$tagstack = array();
$stacksize = 0;
$tagqueue = '';