From ae0407ab8bd68bccb4f829b9b60a09e3ae5f7bd4 Mon Sep 17 00:00:00 2001
From: Dries Buytaert <dries@buytaert.net>
Date: Thu, 7 Dec 2006 16:34:59 +0000
Subject: - Patch #101775 by Steven: don't cut off posts at a lone <

---
 modules/filter/filter.module | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/modules/filter/filter.module b/modules/filter/filter.module
index 3add5fa56..d95d4d63f 100644
--- a/modules/filter/filter.module
+++ b/modules/filter/filter.module
@@ -1253,9 +1253,11 @@ function filter_xss($string, $allowed_tags = array('a', 'em', 'strong', 'cite',
 
   return preg_replace_callback('%
     (
-    <[^>]*.(>|$)  # a string that starts with a <, up until the > or the end of the string
-    |             # or
-    >             # just a >
+    <(?=[^a-zA-Z/])   # a lone <
+    |                 # or
+    <[^>]*.(>|$)      # a string that starts with a <, up until the > or the end of the string
+    |                 # or
+    >                 # just a >
     )%x', '_filter_xss_split', $string);
 }
 
@@ -1286,6 +1288,10 @@ function _filter_xss_split($m, $store = FALSE) {
     // We matched a lone ">" character
     return '&gt;';
   }
+  else if (strlen($string) == 1) {
+    // We matched a lone "<" character
+    return '&lt;';
+  }
 
   if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) {
     // Seriously malformed
-- 
cgit v1.2.3