oldkid/friendica
1
0
Fork 0
mirror of https://git.sekbaer.de/Friendica/friendica.git synced 2025-06-16 20:05:14 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

check all attribute names for validity

Browse source
This commit is contained in:
friendica 2011-11-16 14:23:06 -08:00
parent fb8dbfa1bb
commit ede25aabce
2 changed files with 8 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

10
library/HTML5/TreeBuilder.php
View file

@ -3041,9 +3041,13 @@ class HTML5_TreeBuilder {
if (!empty($token['attr'])) {
foreach($token['attr'] as $attr) {
// mike@macgirvin.com 2011-10-21, stray double quotes and/or numeric tags cause everything to abort
$attr['name'] = str_replace('"','',$attr['name']);
if($attr['name'] && (!$el->hasAttribute($attr['name'])) && (! is_numeric($attr['name']))) {
// mike@macgirvin.com 2011-11-17, check attribute name for
// validity (ignoring extenders and combiners) as illegal chars in names
// causes everything to abort
$valid = preg_match('/^[a-zA-Z\_\:]([\-a-zA-Z0-9\_\:\.]+$)/',$attr['name'],$matches);
if($attr['name'] && (!$el->hasAttribute($attr['name'])) && ($valid)) {
$el->setAttribute($attr['name'], $attr['value']);
}
}