mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-08-06 06:07:26 +02:00

Protect against font family innerHTML/cssText attacks.

Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Edward Z. Yang
2011-03-27 20:35:38 +01:00
parent 0dd9e4faf4
commit afb007d22f
10 changed files with 188 additions and 46 deletions


@@ -4,5 +4,5 @@ if (!function_exists('iconv')) return true;
Core.Encoding = "Shift_JIS"
Core.EscapeNonASCIICharacters = true
--HTML--
<b style="font-family:&quot;&#165;&quot;;">111</b>
<b style="font-family:'&#165;';">111</b>
--# vim: et sw=4 sts=4
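Review bot: The `--HTML--` input in this fixture appears to have been switched to the single-quoted form, so double-quoted input such as `font-family:&quot;&#165;&quot;` is no longer exercised here; the same holds for both the `--HTML--` and `--EXPECT--` lines of the Shift_JIS fixture that follows. The +/- markers are lost on this page, so this assumes the second line of each printed pair is the new side. If the purifier now re-serialises family names with single quotes, keeping the old double-quoted line as input and asserting the single-quoted output, `<b style="font-family:'&#165;';">111</b>`, would pin that normalisation under a multibyte encoding, which is where quote and escape handling is most fragile. Other files in this commit may already cover it; they are not visible here.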


@@ -3,7 +3,7 @@ if (!function_exists('iconv')) return true;
--INI--
Core.Encoding = Shift_JIS
--HTML--
<b style="font-family:&quot;&#165;&quot;;">111</b>
<b style="font-family:'&#165;';">111</b>
--EXPECT--
<b style="font-family:&quot;&quot;;">111</b>
<b style="font-family:'';">111</b>
--# vim: et sw=4 sts=4