Changed regex for onfoo event handlers to prevent unwanted matching of text such as locatiON, cONtent, etc.
diff --git a/system/libraries/Input.php b/system/libraries/Input.php
index 4d2e9e2..ac6b864 100644
--- a/system/libraries/Input.php
+++ b/system/libraries/Input.php
@@ -705,7 +705,7 @@
* but it's unlikely to be a problem.
*
*/
- $event_handlers = array('on\w*','xmlns');
+ $event_handlers = array('[^a-z]on\w*','xmlns');
if ($is_image === TRUE)
{
@@ -715,9 +715,9 @@
*/
unset($event_handlers[array_search('xmlns', $event_handlers)]);
}
-
- $str = preg_replace("#<([^><]+)(".implode('|', $event_handlers).")(\s*=\s*[^><]*)([><]*)#i", "<\\1\\4", $str);
-
+
+ $str = preg_replace("#<([^><]+?)(".implode('|', $event_handlers).")(\s*=\s*[^><]*)([><]*)#i", "<\\1\\4", $str);
+
/*
* Sanitize naughty HTML elements
*