"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/lib/safehtml/safehtml.php" between
wacko.6.1.14.zip and wacko.6.1.15.zip

About: WackoWiki is a multilingual Wiki-engine that supports WYTIWYG-editing, page rights (ACLs), design themes (skins), file upload, email notification and much more.

safehtml.php  (wacko.6.1.14):safehtml.php  (wacko.6.1.15)
skipping to change at line 20 skipping to change at line 20
* @author Miguel Vazquez Gocobachi <demrit@mx.gnu.org> * @author Miguel Vazquez Gocobachi <demrit@mx.gnu.org>
* @copyright 2004-2020 Roman Ivanov, Miguel Vazquez Gocobachi, WackoWiki Team * @copyright 2004-2020 Roman Ivanov, Miguel Vazquez Gocobachi, WackoWiki Team
* @license http://www.debian.org/misc/bsd.license BSD License (3 Cl ause) * @license http://www.debian.org/misc/bsd.license BSD License (3 Cl ause)
* @version 1.3.12 * @version 1.3.12
* @link https://wackowiki.org/doc/Dev/Projects/SafeHTML * @link https://wackowiki.org/doc/Dev/Projects/SafeHTML
*/ */
/** /**
* This package requires HTMLSax3 package * This package requires HTMLSax3 package
*/ */
require_once(XML_HTMLSAX3 . 'HTMLSax3.php'); require_once XML_HTMLSAX3 . 'HTMLSax3.php';
/** /**
* HTML_Safe Parser * HTML_Safe Parser
* *
* This parser strips down all potentially dangerous content within HTML: * This parser strips down all potentially dangerous content within HTML:
* <ul> * <ul>
* <li>opening tag without its closing tag</li> * <li>opening tag without its closing tag</li>
* <li>closing tag without its opening tag</li> * <li>closing tag without its opening tag</li>
* <li>any of these tags: "base", "basefont", "head", "html", "body", "applet", * <li>any of these tags: "base", "basefont", "head", "html", "body", "applet",
* "object", "iframe", "frame", "frameset", "script", "layer", "ilayer", "embed" , * "object", "iframe", "frame", "frameset", "script", "layer", "ilayer", "embed" ,
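Review bot: The rewritten `require_once XML_HTMLSAX3 . 'HTMLSax3.php';` still joins the constant and the file name with no separator, so the include only resolves when XML_HTMLSAX3 is defined and ends in a directory separator, and the docblock above it ("This package requires HTMLSax3 package") documents neither condition. Suggest stating that requirement in the comment. Dropping the parentheses is fine, since require_once is a language construct, not a function. The `@version 1.3.12` tag is identical on both sides; for a formatting-only change that is acceptable, but it means the tag cannot be used to tell the two releases of this file apart.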
skipping to change at line 431 skipping to change at line 431
$this->dcCounter[$name] = isset($this->dcCounter[$name]) $this->dcCounter[$name] = isset($this->dcCounter[$name])
? $this->dcCounter[$name] + 1 ? $this->dcCounter[$name] + 1
: 1; : 1;
} }
if (count($this->dcStack) != 0) if (count($this->dcStack) != 0)
{ {
return true; return true;
} }
if (in_array($name, $this->deleteTags) if ( in_array($name, $this->deleteTags)
&& !in_array($name, $this->allowTags) && !in_array($name, $this->allowTags)
) )
{ {
return true; return true;
} }
if (!preg_match('/^[a-z\d]+$/i', $name)) if (!preg_match('/^[a-z\d]+$/i', $name))
{ {
if (preg_match('!(?:\@|://)!i', $name)) if (preg_match('!(?:\@|://)!i', $name))
{ {
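Review bot: The `in_array($name, $this->deleteTags)` and `in_array($name, $this->allowTags)` tests in the reformatted condition are case-sensitive and use loose comparison, while the `preg_match('/^[a-z\d]+$/i', $name)` just below them is case-insensitive. The visible lines do not show `$name` being lowercased, so confirm it is normalized before this check, and pass `true` as the third argument to both `in_array` calls so the tag filter compares strings strictly. On style, the new `if ( in_array` spacing differs from the `if (count(` and `if (!preg_match(` lines in the same block; pick one form for the file.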
 End of changes. 2 change blocks. 
2 lines changed or deleted 2 lines changed or added
