mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2025-07-10 17:26:25 +02:00
Make SafeScripting case-sensitive.
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
This commit is contained in:
@ -29,7 +29,7 @@ class HTMLPurifier_HTMLModule_SafeScripting extends HTMLPurifier_HTMLModule
|
||||
// While technically not required by the spec, we're forcing
|
||||
// it to this value.
|
||||
'type' => 'Enum#text/javascript',
|
||||
'src*' => new HTMLPurifier_AttrDef_Enum(array_keys($allowed))
|
||||
'src*' => new HTMLPurifier_AttrDef_Enum(array_keys($allowed), /*case sensitive*/ true)
|
||||
)
|
||||
);
|
||||
$script->attr_transform_pre[] =
|
||||
|
Reference in New Issue
Block a user