Additional XSS protection against certain data URLs; strips anything sent with UTF-7 encoding
diff --git a/system/libraries/Input.php b/system/libraries/Input.php
index e6ac460..c1659ab 100644
--- a/system/libraries/Input.php
+++ b/system/libraries/Input.php
@@ -747,6 +747,16 @@
 		 *

 		 */

 		$event_handlers = array('onblur','onchange','onclick','onfocus','onload','onmouseover','onmouseup','onmousedown','onselect','onsubmit','onunload','onkeypress','onkeydown','onkeyup','onresize', 'xmlns');

+

+		if ($is_image === TRUE)

+		{

+			/*

+			 * Adobe Photoshop puts XML metadata into JFIF images, including namespacing, 

+			 * so we have to allow this for images. -Paul

+			 */

+			unset($event_handlers[array_search('xmlns', $event_handlers)]);

+		}

+		

 		$str = preg_replace("#<([^>]+)(".implode('|', $event_handlers).")([^>]*)>#iU", "&lt;\\1\\2\\3&gt;", $str);

 

 		/*
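Review bot: The result of `array_search('xmlns', $event_handlers)` is used as an array key without a check. If 'xmlns' is ever dropped from or renamed in the list above, the FALSE return is coerced to key 0 and the `unset` silently removes 'onblur' from the blacklist instead. Removing by value avoids that: `$event_handlers = array_diff($event_handlers, array('xmlns'));`. Because this branch relaxes the filter, the comment should also state that `$is_image` is meant only for checking uploaded file content, never for strings later rendered as HTML; the callers are not visible here, so that is an assumption to confirm. The enclosing function starts and ends outside the hunk.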

@@ -896,7 +906,7 @@
 	 */

 	function _js_link_removal($match)

 	{

-		return preg_replace("#<a.+?href=.*?(alert\(|alert&\#40;|javascript\:|window\.|document\.|\.cookie|<script|<xss|base64\s*,).*?\>.*?</a>#si", "", $match[0]);

+		return preg_replace("#<a.+?href=.*?(alert\(|alert&\#40;|javascript\:|window\.|document\.|\.cookie|<script|<xss|base64\s*,|utf\-7\s*,).*?\>.*?</a>#si", "", $match[0]);

 	}

 

 	/**
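Review bot: The new `utf\-7\s*,` alternative only matches when the charset token sits directly before the data-URL comma, so a UTF-7 charset followed by any other media-type parameter is not caught by this branch (`base64\s*,` covers only one such case). Matching the declaration itself is tighter, for example `charset\s*=\s*utf\-7` in place of `utf\-7\s*,`, allowing for optional quoting if the filter should tolerate it. The same alternation is added to `_js_img_removal` in the next hunk and needs the same change. These callbacks only inspect `<a href>` and `<img src>`, so the commit title's "anything sent with utf-7 encoding" promises more than the visible code does; a one-line comment saying so would stop maintainers relying on it as a general UTF-7 defence.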

@@ -913,7 +923,7 @@
 	 */

 	function _js_img_removal($match)

 	{

-		return preg_replace("#<img.+?src=.*?(alert\(|alert&\#40;|javascript\:|window\.|document\.|\.cookie|<script|<xss|base64\s*,).*?\>#si", "", $match[0]);

+		return preg_replace("#<img.+?src=.*?(alert\(|alert&\#40;|javascript\:|window\.|document\.|\.cookie|<script|<xss|base64\s*,|utf-7\s*,).*?\>#si", "", $match[0]);

 	}

 

 	// --------------------------------------------------------------------
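Review bot: This hunk spells the new alternative `utf-7\s*,` while `_js_link_removal` in the previous hunk spells it `utf\-7\s*,`. Both match the same text, but the two blacklists are maintained by hand in parallel and have already drifted in spelling. Keeping the shared alternation in one place would stop the link and image filters diverging when the next token is added, for example a single class property (proposed name) `var $js_blacklist = 'alert\(|...|base64\s*,|utf\-7\s*,';` interpolated into both patterns. The docblock for this function begins outside the hunk.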