Fixed bug with regexp that matched tags

commit: 0a83fcc748ef29e644bf9e8cac4d7dd9a7408d5f [log] [tgz]
author: brian978 <dbrian89@yahoo.com> Mon Dec 10 13:05:06 2012 +0200
committer: brian978 <dbrian89@yahoo.com> Mon Dec 10 13:05:06 2012 +0200
tree: 3116c48a385037159abb176b95153104588cd0d9
parent: f50fc73cf63136b720c2bd247175f236d5b27eaa [diff] [blame]
diff --git a/system/core/Security.php b/system/core/Security.php
index 220188e..635f9ff 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php

@@ -329,7 +329,7 @@
 		 * these are the ones that will pose security problems.
 		 */
 		$str = preg_replace_callback("/[a-z]+=([\'\"]).*?\\1/si", array($this, '_convert_attribute'), $str);
-		$str = preg_replace_callback('/<\w+.*?(?=>|<|$)/si', array($this, '_decode_entity'), $str);
+		$str = preg_replace_callback('/<\w+.*?=.*?>\b/si', array($this, '_decode_entity'), $str);
 
 		// Remove Invisible Characters Again!
 		$str = remove_invisible_characters($str);
commit	0a83fcc748ef29e644bf9e8cac4d7dd9a7408d5f	[log] [tgz]
author	brian978 <dbrian89@yahoo.com>	Mon Dec 10 13:05:06 2012 +0200
committer	brian978 <dbrian89@yahoo.com>	Mon Dec 10 13:05:06 2012 +0200
tree	3116c48a385037159abb176b95153104588cd0d9
parent	f50fc73cf63136b720c2bd247175f236d5b27eaa [diff] [blame]