mirror/php-htmlpurifier
1
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-08-01 11:50:28 +02:00
Code Issues Releases Wiki Activity

Add double-munging protection by checking if the domains are the same.

Browse Source 
Previously, if an absolute munge URL location was used, HTML passed through
HTML Purifier multiple times would be munged multiple times. This patch
checks if the output URI has the same URI as the input URI; if they do,
the munge is considered unnecessary and discarded.

Requested-by: Chris <justbittin@gmail.com>
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
This commit is contained in:
Edward Z. Yang
2008-07-26 22:45:19 -06:00
parent 3b6aa10592
commit 85090520f1
3 changed files with 12 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
library/HTMLPurifier/URIFilter/Munge.php
View File

@@ -28,7 +28,11 @@ class HTMLPurifier_URIFilter_Munge extends HTMLPurifier_URIFilter
$this->replace = array_map('rawurlencode', $this->replace);
$new_uri = strtr($this->target, $this->replace);
$uri = $this->parser->parse($new_uri); // overwrite
$new_uri = $this->parser->parse($new_uri);
// don't redirect if the target host is the same as the
// starting host
if ($uri->host === $new_uri->host) return true;
$uri = $new_uri; // overwrite
return true;
}