whitelist regex for good attribute (no
no chars that could form a delimiter allowed
This commit is contained in:
parent
aee3963e6b
commit
4bae1c9834
@ -1505,7 +1505,7 @@ class Parsedown
|
|||||||
|
|
||||||
protected function sanitiseElement(array $Element)
|
protected function sanitiseElement(array $Element)
|
||||||
{
|
{
|
||||||
static $badAttributeChars = "\"'= \t\n\r\0\x0B";
|
static $goodAttribute = '/^[a-zA-Z0-9][a-zA-Z0-9-_]*+$/';
|
||||||
static $safeUrlNameToAtt = array(
|
static $safeUrlNameToAtt = array(
|
||||||
'a' => 'href',
|
'a' => 'href',
|
||||||
'img' => 'src',
|
'img' => 'src',
|
||||||
@ -1520,23 +1520,16 @@ class Parsedown
|
|||||||
{
|
{
|
||||||
foreach ($Element['attributes'] as $att => $val)
|
foreach ($Element['attributes'] as $att => $val)
|
||||||
{
|
{
|
||||||
# clear out nulls
|
|
||||||
if ($val === null)
|
|
||||||
{
|
|
||||||
unset($Element['attributes'][$att]);
|
|
||||||
}
|
|
||||||
# filter out badly parsed attribute
|
# filter out badly parsed attribute
|
||||||
elseif (strpbrk($att, $badAttributeChars) !== false)
|
if ( ! preg_match($goodAttribute, $att))
|
||||||
|
{
|
||||||
|
unset($Element['attributes'][$att]);
|
||||||
|
}
|
||||||
|
# dump onevent attribute
|
||||||
|
elseif (preg_match('/^on/i', $att))
|
||||||
{
|
{
|
||||||
unset($Element['attributes'][$att]);
|
unset($Element['attributes'][$att]);
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
$onEventAttributeKeys = preg_grep('/^on/i', array_keys($Element['attributes']));
|
|
||||||
|
|
||||||
foreach ($onEventAttributeKeys as $att)
|
|
||||||
{
|
|
||||||
unset($Element['attributes'][$att]);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
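Review bot: The new whitelist in `$goodAttribute` still accepts an attribute name that ends in a newline, because a PCRE `$` without the `D` modifier matches before a final `\n`, whereas the old `$badAttributeChars` blacklist rejected `\n` outright. Whether the attribute parser can hand such a name to sanitiseElement is not visible here, but anchoring with `\z` (or adding `D`) closes the gap at no cost: `static $goodAttribute = '/^[a-zA-Z0-9][a-zA-Z0-9_-]*+\z/';`. Moving the hyphen to the end of the class is readability only — `0-9-_` already denotes a literal hyphen after a range in PCRE, but it reads like a malformed range. It is worth a one-line comment above the `preg_match` that the check fails closed: `preg_match` returns `false` on a PCRE error and `! false` drops the attribute. The first hunk declares the pattern and the second applies it; the method body continues past the end of the second hunk.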