mirror/php-htmlpurifier
1
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-08-06 14:16:32 +02:00
Code Issues Releases Wiki Activity

Protect against font family innerHTML/cssText attacks.

Browse Source 
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
This commit is contained in:
Edward Z. Yang
2011-03-27 20:35:38 +01:00
parent 0dd9e4faf4
commit afb007d22f
10 changed files with 188 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
library/HTMLPurifier/URI.php
View File

@@ -185,7 +185,7 @@ class HTMLPurifier_URI
// Reconstruct the result
// One might wonder about parsing quirks from browsers after
// this reconstruction. Unfortunately, parsing behaviro depends
// this reconstruction. Unfortunately, parsing behavior depends
// on what *scheme* was employed (file:///foo is handled *very*
// differently than http:///foo), so unfortunately we have to
// defer to the schemes to do the right thing.