fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-04-02 01:52:10 +09:00
Code Issues Projects Releases Packages Wiki Activity

issue 2239 chnage empty string to htmlspecialchars

Browse source 
git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.3.2@11043 201d5d3c-b55e-5fd7-737f-ddc643e51545
This commit is contained in:
ovclas 2012-08-20 01:45:36 +00:00
parent ddbe72b5b1
commit a9205610bb
1 changed files with 5 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

16
classes/security/EmbedFilter.class.php
View file

@ -328,7 +328,7 @@ class EmbedFilter
if(!$isWhiteDomain && !$isWhiteMimetype && !$isWhiteExt)
{
$content = str_replace($objectTag, '', $content);
$content = str_replace($objectTag, htmlspecialchars($objectTag), $content);
}
}
}
@ -381,7 +381,7 @@ class EmbedFilter
if(!$isWhiteDomain && !$isWhiteMimetype && !$isWhiteExt)
{
$content = str_replace($embedTag, '', $content);
$content = str_replace($embedTag, htmlspecialchars($embedTag), $content);
}
}
}
@ -400,7 +400,6 @@ class EmbedFilter
foreach($iframeTagList AS $key=>$iframeTag)
{
$isWhiteDomain = true;
$isWhiteExt = true;
$ext = '';
$parser = new HtmlParser($iframeTag);
@ -420,14 +419,9 @@ class EmbedFilter
}
}
if(!$isWhiteDomain && $ext)
if(!$isWhiteDomain)
{
$isWhiteExt = $this->isWhiteExt($ext);
}
if(!$isWhiteDomain && !$isWhiteExt)
{
$content = str_replace($iframeTag, '', $content);
$content = str_replace($iframeTag, htmlspecialchars($iframeTag), $content);
}
}
}
@ -467,7 +461,7 @@ class EmbedFilter
if(!$isWhiteDomain && !$isWhiteExt)
{
$content = str_replace($paramTag, '', $content);
$content = str_replace($paramTag, htmlspecialchars($paramTag), $content);
}
}
}