fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-05-12 13:32:16 +09:00
Code Issues Projects Releases Packages Wiki Activity

issue 2239 re-commit r11043 to branch 1.5.3.1

Browse source 
git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.3.1@11044 201d5d3c-b55e-5fd7-737f-ddc643e51545
This commit is contained in:
ovclas 2012-08-20 01:49:40 +00:00
parent 996000dfd8
commit 50cc3813b9
1 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
classes/security/EmbedFilter.class.php
View file

@ -328,7 +328,7 @@ class EmbedFilter
if(!$isWhiteDomain && !$isWhiteMimetype && !$isWhiteExt) if(!$isWhiteDomain && !$isWhiteMimetype && !$isWhiteExt)
{ {
$content = str_replace($objectTag, '', $content); $content = str_replace($objectTag, htmlspecialchars($objectTag), $content);
} }
} }
} }
@ -381,7 +381,7 @@ class EmbedFilter
if(!$isWhiteDomain && !$isWhiteMimetype && !$isWhiteExt) if(!$isWhiteDomain && !$isWhiteMimetype && !$isWhiteExt)
{ {
$content = str_replace($embedTag, '', $content); $content = str_replace($embedTag, htmlspecialchars($embedTag), $content);
} }
} }
} }
@ -421,7 +421,7 @@ class EmbedFilter
if(!$isWhiteDomain) if(!$isWhiteDomain)
{ {
$content = str_replace($iframeTag, '', $content); $content = str_replace($iframeTag, htmlspecialchars($iframeTag), $content);
} }
} }
} }
@ -461,7 +461,7 @@ class EmbedFilter
if(!$isWhiteDomain && !$isWhiteExt) if(!$isWhiteDomain && !$isWhiteExt)
{ {
$content = str_replace($paramTag, '', $content); $content = str_replace($paramTag, htmlspecialchars($paramTag), $content);
} }
} }
} }