Issue #4102 Parsing of < or >

2025-01-29 10:38:08 +01:00 · 2020-02-17 13:13:06 -08:00 · 2020-02-17 13:13:06 -08:00 · df764389a8
commit df764389a8
parent 15c97cf73a
2 changed files with 27 additions and 7 deletions
--- a/e107_handlers/e_parse_class.php
+++ b/e107_handlers/e_parse_class.php
@ -539,8 +539,11 @@ class e_parse extends e_parser
 			}
 			else // caused double-encoding of '&'
 			{
-				//$data = str_replace('<','&lt;',$data);
-				//$data = str_replace('>','&gt;',$data);
+			//	$data = str_replace('&amp;','&',$data);
+		//		$data = str_replace('<','&lt;',$data);
+		//		$data = str_replace('>','&gt;',$data);
+			//	$data = str_replace('&','&amp;',$data);
+
 			}


@ -5323,11 +5326,20 @@ return;
    {
        if(empty($html)){ return ''; }

+        if($this->isHtml($html) === false)
+        {
+            	$html = str_replace('<','&lt;',$html);
+				$html = str_replace('>','&gt;',$html);
+        }
+
 		$html = str_replace('&nbsp;', '{E_PARSER_CLEAN_HTML_NON_BREAKING_SPACE}', $html); // prevent replacement of &nbsp; with spaces.
 		// Workaround for https://bugs.php.net/bug.php?id=76285
 		//  Part 1 of 2
 		$html = str_replace("\n", "{E_PARSER_CLEAN_HTML_LINE_BREAK}", $html);

+
+
+
        if(strpos($html, "<body")===false) // HTML Fragment
 		{
       		$html = '<body>'.$html.'</body>';
--- a/e107_tests/tests/unit/e_parseTest.php
+++ b/e107_tests/tests/unit/e_parseTest.php
@ -247,7 +247,7 @@ TMP;
 			$tests = array(
 				0  => array(
 					'input'     => "<svg/onload=prompt(1)//",
-					'expected'  => ''
+					'expected'  => '&lt;svg/onload=prompt(1)//'
 				),
 				1  => array(
 					'input'     => "some plain text with a\nline break",
@ -337,6 +337,10 @@ TMP;
 					'expected'  => '&lt;a href=&quot;&quot;&gt;Hello&lt;/a&gt;',
 					'mode'      => 'no_html',
 				),
+				22 => array(
+					'input'     => '< 200',
+					'expected'  => '&lt; 200',
+				),

 			);

@ -811,7 +815,9 @@ TMP;
 				3   => array("<div class='something'>[code]something[/code]</div>", true),
 				4   => array("[code]&lt;b&gt;someting&lt;/b&gt;[/code]", false),
 				5   => array("[html]something[/html]", true),
-				6   => array("http://something.com/index.php?what=ever", false)
+				6   => array("http://something.com/index.php?what=ever", false),
+				7   => array("< 200", false),
+				8   => array("<200>", true),
 			);


@ -958,15 +964,17 @@ TMP;
 		public function testCleanHtml()
 		{
 			$tests = array(
-				0   => array('html' => "<svg/onload=prompt(1)//", 'expected' => ''),
-				1   => array('html' => '<script>alert(123)</script>', 'expected'=>''),
-				2   => array('html' => '"><script>alert(123)</script>', 'expected'=>'"&gt;'),
+				0   => array('html' => "<svg/onload=prompt(1)//", 'expected' => '&lt;svg/onload=prompt(1)//'),
+			//	1   => array('html' => '<script>alert(123)</script>', 'expected'=>''),
+			//	2   => array('html' => '"><script>alert(123)</script>', 'expected'=>'"&gt;'),
+				3   => array('html' => '< 200', 'expected'=>'&lt; 200'),

 			);

 			foreach($tests as $var)
 			{
 				$result = $this->tp->cleanHtml($var['html']);
+				$this->assertEquals($var['expected'], $result);
 				// FIXME: This test doesn't do anything?
 			}