From 75455ed414b63a084876f78e01b945f4f59922d4 Mon Sep 17 00:00:00 2001 From: zero Date: Wed, 17 Mar 2010 01:08:02 +0000 Subject: [PATCH] =?UTF-8?q?HTML5=EC=97=90=20=EC=83=88=EB=A1=9C=20=EC=B6=94?= =?UTF-8?q?=EA=B0=80=EB=90=9C=20event=EB=A1=9C=20=EC=9D=B8=ED=95=9C=20?= =?UTF-8?q?=EC=B7=A8=EC=95=BD=EC=A0=90(XSS)=EA=B0=80=20=EB=B0=9C=EC=83=9D?= =?UTF-8?q?=ED=95=98=EC=A7=80=20=EC=95=8A=EB=8F=84=EB=A1=9D=20=EC=BD=94?= =?UTF-8?q?=EB=93=9C=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: http://xe-core.googlecode.com/svn/sandbox@7352 201d5d3c-b55e-5fd7-737f-ddc643e51545 --- config/config.inc.php | 2 +- config/func.inc.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/config/config.inc.php b/config/config.inc.php index 9a2abeeb8..fe25d79b4 100644 --- a/config/config.inc.php +++ b/config/config.inc.php @@ -13,7 +13,7 @@ * @brief XE의 전체 버전 표기 * 이 파일의 수정이 없더라도 공식 릴리즈시에 수정되어 함께 배포되어야 함 **/ - define('__ZBXE_VERSION__', '1.4.0.9'); + define('__ZBXE_VERSION__', '1.4.0.10'); /** * @brief zbXE가 설치된 장소의 base path를 구함 diff --git a/config/func.inc.php b/config/func.inc.php index 95eb19b5c..1263b55ae 100644 --- a/config/func.inc.php +++ b/config/func.inc.php @@ -652,7 +652,7 @@ // 2. 이벤트명 뒤에는 등호(=)가 존재해야하나 앞, 뒤에 공백이 있을 수 있음 // 3. 에디터 컴포넌트에서 on으로 시작하는 변수명을 가질 수 있으므로 실제 이벤트명만을 체크해야 함 $attrs = preg_replace( - '/(\r|\n| )+on(click|dblclick|mousedown|mouseup|mouseover|mouseout|mousemove|keydown|keyup|keypress|load|unload|abort|error|select|change|submit|reset|resize|scroll|focus|blur)+([= ]+)/is', + '/(\r|\n| )+on(click|dblclick|mousedown|mouseup|mouseover|mouseout|mousemove|keydown|keyup|keypress|load|unload|abort|error|select|change|submit|reset|resize|scroll|focus|blur|forminput|input|invaild|drag|dragend|dragenter|dragleave|dragover|dragstart|drop|mousewheel|scroll|canplay|canplaythrough|durationchange|emptied|ended|error|loadeddata|loadstart|pause|play|playing|progress|ratechange|readystatechange|seeked|seeking|stalled|suspend|timeupdate|volumechange|waiting|message|show)+([= ]+)/is', ' _on$2=', $attrs );