Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

- Patch #101775 by Steven: don't cut off posts at a lone <

5.x
Dries Buytaert 2006-12-07 16:34:59 +00:00
parent cc2cb795d5
commit ae0407ab8b
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
modules/filter/filter.module
View File

@ -1253,9 +1253,11 @@ function filter_xss($string, $allowed_tags = array('a', 'em', 'strong', 'cite',
return preg_replace_callback('%
(
<[^>]*.(>|$) # a string that starts with a <, up until the > or the end of the string
| # or
> # just a >
<(?=[^a-zA-Z/]) # a lone <
| # or
<[^>]*.(>|$) # a string that starts with a <, up until the > or the end of the string
| # or
> # just a >
)%x', '_filter_xss_split', $string);
}
@ -1286,6 +1288,10 @@ function _filter_xss_split($m, $store = FALSE) {
// We matched a lone ">" character
return '&gt;';
}
else if (strlen($string) == 1) {
// We matched a lone "<" character
return '&lt;';
}
if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) {
// Seriously malformed