- Patch #285575 by jk, Bart, Damien Tournoud, et al: fixed XSS problem in default input formats.

author: Dries Buytaert <dries@buytaert.net> 2008-08-14 11:58:06 +0000
committer: Dries Buytaert <dries@buytaert.net> 2008-08-14 11:58:06 +0000
commit: 2df3b5f40347e7155c339586c0a4e559d72848b1 (patch)
tree: 7ebf0bc99bed5da7ada10e5aeeca9edd4204baac /modules
parent: 62735bad75611c43dbce1191149acf008370c8db (diff)
download: brdo-2df3b5f40347e7155c339586c0a4e559d72848b1.tar.gz
brdo-2df3b5f40347e7155c339586c0a4e559d72848b1.tar.bz2
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/filter/filter.module b/modules/filter/filter.module
index 210f7fc06..80555997f 100644
--- a/modules/filter/filter.module
+++ b/modules/filter/filter.module
@@ -967,7 +967,7 @@ function filter_xss($string, $allowed_tags = array('a', 'em', 'strong', 'cite',
     (
     <(?=[^a-zA-Z!/])  # a lone <
     |                 # or
-    <[^>]*.(>|$)      # a string that starts with a <, up until the > or the end of the string
+    <[^>]*(>|$)       # a string that starts with a <, up until the > or the end of the string
     |                 # or
     >                 # just a >
     )%x', '_filter_xss_split', $string);
author	Dries Buytaert <dries@buytaert.net>	2008-08-14 11:58:06 +0000
committer	Dries Buytaert <dries@buytaert.net>	2008-08-14 11:58:06 +0000
commit	2df3b5f40347e7155c339586c0a4e559d72848b1 (patch)
tree	7ebf0bc99bed5da7ada10e5aeeca9edd4204baac /modules
parent	62735bad75611c43dbce1191149acf008370c8db (diff)
download	brdo-2df3b5f40347e7155c339586c0a4e559d72848b1.tar.gz brdo-2df3b5f40347e7155c339586c0a4e559d72848b1.tar.bz2