Skip to content

Commit

Permalink
Fixed issue with null bytes in the default xss filter. Fixes #2669
Browse files Browse the repository at this point in the history
  • Loading branch information
isaiah committed Mar 6, 2010
1 parent aa7a353 commit da26200
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion system/libraries/Input.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -465,7 +465,7 @@ protected function xss_filter_default($data)
{
// Remove really unwanted tags
$old_data = $data;
$data = preg_replace('#</*(?:applet|b(?:ase|gsound|link)|embed|frame(?:set)?|i(?:frame|layer)|l(?:ayer|ink)|meta|object|s(?:cript|tyle)|title|xml)[^>]*+>#i', '', $data);
$data = preg_replace('#</*[\x00-\x20]*(?:applet|b(?:ase|gsound|link)|embed|frame(?:set)?|i(?:frame|layer)|l(?:ayer|ink)|meta|object|s(?:cript|tyle)|title|xml)[^>]*+>#i', '', $data);
}
while ($old_data !== $data);

Expand Down

0 comments on commit da26200

Please sign in to comment.