commit aebd039a61cb5135b31ab0b8d9d95ed3fb678c7b
author Andrey Andreev <narf@devilix.net> Thu Mar 26 14:15:34 2015 +0200
committer Andrey Andreev <narf@devilix.net> Thu Mar 26 14:15:34 2015 +0200
tree 336c1027c95b91c8e792788a9db6aa8e6f9b2f06
parent 998608ec0cfbbc1b8fd2646abd4018765e413e99

Add FSCommand and seekSegmentTime to evil HTML attributes list

system/core/Security.php

diff --git a/system/core/Security.php b/system/core/Security.php
index 216f0e9..da49776 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -772,7 +772,7 @@
 	 */
 	protected function _remove_evil_attributes($str, $is_image)
 	{
-		$evil_attributes = array('on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href');
+		$evil_attributes = array('on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href', 'FSCommand', 'seekSegmentTime');
 
 		if ($is_image === TRUE)
 		{

tests/codeigniter/core/Security_test.php

diff --git a/tests/codeigniter/core/Security_test.php b/tests/codeigniter/core/Security_test.php
index b5524da..3acd2a5 100644
--- a/tests/codeigniter/core/Security_test.php
+++ b/tests/codeigniter/core/Security_test.php
@@ -144,6 +144,8 @@
 		$this->assertEquals('<foo prefixOnAttribute="bar">', $this->security->remove_evil_attributes('<foo prefixOnAttribute="bar">', FALSE));
 		$this->assertEquals('<foo>onOutsideOfTag=test</foo>', $this->security->remove_evil_attributes('<foo>onOutsideOfTag=test</foo>', FALSE));
 		$this->assertEquals('onNoTagAtAll = true', $this->security->remove_evil_attributes('onNoTagAtAll = true', FALSE));
+		$this->assertEquals('<foo [removed]>', $this->security->remove_evil_attributes('<foo fscommand=case-insensitive>', FALSE));
+		$this->assertEquals('<foo [removed]>', $this->security->remove_evil_attributes('<foo seekSegmentTime=whatever>', FALSE));
 	}
 
 	// --------------------------------------------------------------------