From d02c0ec987e3a884c2deb6077395f79f352abb74 Mon Sep 17 00:00:00 2001
From: haneul
Date: Mon, 5 Jul 2010 02:52:44 +0000
Subject: [PATCH] #18986199 : fixed security vulnerability

git-svn-id: http://xe-core.googlecode.com/svn/sandbox@7579 201d5d3c-b55e-5fd7-737f-ddc643e51545
---
 config/func.inc.php | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/config/func.inc.php b/config/func.inc.php
index 6223e9e4a..a080daab4 100644
--- a/config/func.inc.php
+++ b/config/func.inc.php
@@ -677,8 +677,13 @@
 function _isHackedSrc($src) {
     if(!$src) return false;
     if($src) {
+        $target = trim($src);
+        if(preg_match('/(\s|(\&\#)|(script:))/i', $target)) return true;
+        if(preg_match('/data:/i', $target)) return true;
+
         $url_info = parse_url($src);
         $query = $url_info['query'];
+        if(!trim($query)) return false;
         $query = str_replace("&","&",$query);
         $queries = explode('&', $query);
         $cnt = count($queries);
@@ -690,9 +695,6 @@
             $val = strtolower(trim(substr($tmp_str,$pos+1)));
             if( ($key=='module'&&$val=='admin') || ($key=='act'&&preg_match('/admin/i',$val)) ) return true;
         }
-
-        $target = trim($src);
-        if(preg_match('/(\s|(\&\#)|(script:))/i', $target)) return true;
     }
     return false;
 }
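Review bot: The new `if(!trim($query)) return false;` guard in the first hunk comes one line after `$query = $url_info['query'];`, which is read without checking that `parse_url($src)` succeeded or that a `query` component exists, so a source `parse_url` rejects (it returns `false`) falls through to `return false` and is classified as safe, while a query-less URL also emits an undefined-index notice. A fail-closed shape would be `if($url_info === false) return true;` followed by `$query = isset($url_info['query']) ? $url_info['query'] : '';`. More broadly, the added `script:`/`data:` patterns extend a deny-list of schemes; if `_isHackedSrc` is meant to vet user-supplied source URLs, checking `$url_info['scheme']` against a short allow-list (or requiring it to be absent for relative paths) is the robust complement to these patterns. The body of `_isHackedSrc` continues past the end of this hunk, and the second hunk only removes the lines relocated here.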