diff options
| author | Dries Buytaert <dries@buytaert.net> | 2008-08-14 11:58:06 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2008-08-14 11:58:06 +0000 |
| commit | 2df3b5f40347e7155c339586c0a4e559d72848b1 (patch) | |
| tree | 7ebf0bc99bed5da7ada10e5aeeca9edd4204baac | |
| parent | 62735bad75611c43dbce1191149acf008370c8db (diff) | |
| download | brdo-2df3b5f40347e7155c339586c0a4e559d72848b1.tar.gz brdo-2df3b5f40347e7155c339586c0a4e559d72848b1.tar.bz2 | |
- Patch #285575 by jk, Bart, Damien Tournoud, et al: fixed XSS problem in default input formats.
| -rw-r--r-- | modules/filter/filter.module | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/filter/filter.module b/modules/filter/filter.module index 210f7fc06..80555997f 100644 --- a/modules/filter/filter.module +++ b/modules/filter/filter.module @@ -967,7 +967,7 @@ function filter_xss($string, $allowed_tags = array('a', 'em', 'strong', 'cite', ( <(?=[^a-zA-Z!/]) # a lone < | # or - <[^>]*.(>|$) # a string that starts with a <, up until the > or the end of the string + <[^>]*(>|$) # a string that starts with a <, up until the > or the end of the string | # or > # just a > )%x', '_filter_xss_split', $string); |