Add <button> to the list of 'naugthy' html elements in CI_Security::xss_clean()

commit: 4356806dc0298363217694d727db9cad84a073e0 [log] [tgz]
author: Andrey Andreev <narf@devilix.net> Tue Jan 21 23:52:31 2014 +0200
committer: Andrey Andreev <narf@devilix.net> Tue Jan 21 23:52:31 2014 +0200
tree: 16109f0ecca2963cbc3085c50a37638b00dbcdda
parent: 1a9a4dc55112d264a61e1c50cf52733c993e0e52 [diff] [blame]
diff --git a/system/core/Security.php b/system/core/Security.php
index 95957a3..eb26958 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php

@@ -134,7 +134,7 @@
 		'(document|(document\.)?window)\.(location|on\w*)',
 		'expression\s*(\(|&\#40;)', // CSS and IE
 		'vbscript\s*:', // IE, surprise!
-		'Redirect\s+302',
+		'Redirect\s+30\d',
 		"([\"'])?data\s*:[^\\1]*?base64[^\\1]*?,[^\\1]*?\\1?"
 	);
 
@@ -456,7 +456,7 @@
 		 * So this: <blink>
 		 * Becomes: &lt;blink&gt;
 		 */
-		$naughty = 'alert|applet|audio|basefont|base|behavior|bgsound|blink|body|embed|expression|form|frameset|frame|head|html|ilayer|iframe|input|isindex|layer|link|meta|object|plaintext|style|script|textarea|title|video|xml|xss';
+		$naughty = 'alert|applet|audio|basefont|base|behavior|bgsound|blink|body|embed|expression|form|frameset|frame|head|html|ilayer|iframe|input|button|isindex|layer|link|meta|object|plaintext|style|script|textarea|title|video|xml|xss';
 		$str = preg_replace_callback('#<(/*\s*)('.$naughty.')([^><]*)([><]*)#is', array($this, '_sanitize_naughty_html'), $str);
 
 		/*
commit	4356806dc0298363217694d727db9cad84a073e0	[log] [tgz]
author	Andrey Andreev <narf@devilix.net>	Tue Jan 21 23:52:31 2014 +0200
committer	Andrey Andreev <narf@devilix.net>	Tue Jan 21 23:52:31 2014 +0200
tree	16109f0ecca2963cbc3085c50a37638b00dbcdda
parent	1a9a4dc55112d264a61e1c50cf52733c993e0e52 [diff] [blame]