fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-12 15:21:40 +09:00
Code Issues Projects Releases Packages Wiki Activity

XSS 시도를 제거하기 위한 코드에서 에디터 컴포넌트가 동작하지 않게 하는 오류 수정

Browse source 
git-svn-id: http://xe-core.googlecode.com/svn/sandbox@4316 201d5d3c-b55e-5fd7-737f-ddc643e51545
This commit is contained in:
zero 2008-06-23 01:07:15 +00:00
parent 7fd72f3193
commit abaa76af44
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
config/func.inc.php
View file

@ -425,7 +425,7 @@
function removeJSEvent($matches) {
$tag = strtolower($matches[1]);
if($tag == "a" && preg_match('/href=("|\'?)javascript:/i',$matches[2])) $matches[0] = preg_replace('/href=("|\'?)javascript:/i','href=$1_javascript:', $matches[0]);
return preg_replace('/on([a-z]+)=/i','_on$1=',$matches[0]);
return preg_replace('/ on([a-z]+)=/i',' _on$1=',$matches[0]);
}
// hexa값을 RGB로 변환