modified regex for image tag sanitization to retain trailing space and closing slash to remain valid XHTML
diff --git a/system/libraries/Input.php b/system/libraries/Input.php
index ff1dd9b..dc5b5e5 100644
--- a/system/libraries/Input.php
+++ b/system/libraries/Input.php
@@ -685,7 +685,7 @@
if (preg_match("/<img/i", $str))
{
- $str = preg_replace_callback("#<img\s+([^>]*?)(>|$)#si", array($this, '_js_img_removal'), $str);
+ $str = preg_replace_callback("#<img\s+([^>]*?)(\s?/?>|$)#si", array($this, '_js_img_removal'), $str);
}
if (preg_match("/script/i", $str) OR preg_match("/xss/i", $str))