includes/functions.php
changeset 817 880c4b7eb658
parent 801 eb8b23f11744
child 825 9d5c04c1414f
equal deleted inserted replaced
816:44b8446533e1 817:880c4b7eb658
  1969   // Vulnerability from ha.ckers.org/xss.html:
  1969   // Vulnerability from ha.ckers.org/xss.html:
  1970   // <script src="http://foo.com/xss.js"
  1970   // <script src="http://foo.com/xss.js"
  1971   // <
  1971   // <
  1972   // The rule is so specific because everything else will have been filtered by now
  1972   // The rule is so specific because everything else will have been filtered by now
  1973   $html = preg_replace('/<(script|iframe)(.+?)src=([^>]*)</i', '&lt;\\1\\2src=\\3&lt;', $html);
  1973   $html = preg_replace('/<(script|iframe)(.+?)src=([^>]*)</i', '&lt;\\1\\2src=\\3&lt;', $html);
       
  1974   
       
  1975   // Vulnerability reported by fuzion from nukeit.org:
       
  1976   // XSS in closing HTML tag style attribute
       
  1977   // Fix: escape all closing tags with non-whitelisted characters
       
  1978   $html = preg_replace('!</((?:.*)([^a-z0-9-_:]+)(?:.*))>!', '&lt;/\\1&gt;', $html);
  1974 
  1979 
  1975   // Restore stripped comments
  1980   // Restore stripped comments
  1976   $i = 0;
  1981   $i = 0;
  1977   foreach ( $comment_match[0] as $comment )
  1982   foreach ( $comment_match[0] as $comment )
  1978   {
  1983   {