mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-08 07:36:32 +02:00
Code Issues Releases Wiki Activity

cleanHtml() was urlencoding {e_XXXX} paths in html.

Browse Source
This commit is contained in:
Cameron
2013-05-01 03:13:29 -07:00
parent b5c96d787b
commit e064ae2085
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
e107_handlers/e_parse_class.php
View File

@@ -487,7 +487,9 @@ class e_parse extends e_parser
if (strip_tags($data) != $data) // html tags present. if (strip_tags($data) != $data) // html tags present.
{ {
$data = $this->cleanHtml($data); // sanitize all html. $data = $this->cleanHtml($data); // sanitize all html.
$data = urldecode($data); // symptom of cleaning the HTML - urlencodes src attributes containing { and } .eg. {e_BASE}
// if ($this->htmlAbuseFilter($data)) $no_encode = FALSE; //XXX cleanHtml() is more effective. // if ($this->htmlAbuseFilter($data)) $no_encode = FALSE; //XXX cleanHtml() is more effective.
} }