);
/**
+ * Stored CDATA information.
+ *
+ * @var string
+ */
+ protected $_cdata = null;
+
+ /**
* Returns a hash with replace patterns.
*
* @return array Patterns hash.
/* Get all attribute="javascript:foo()" tags. This is essentially the
* regex /(=|url\()("?)[^>]*script:/ but expanded to catch camouflage
* with spaces and entities. */
- // The first portion should ensure that CSS data contained within a
- // 'CDATA' section is not matched.
- $preg = '/<\s*[^!][^>]*' .
- '((=|�*61;?|�*3D;?)|' .
+ $preg = '/((=|�*61;?|�*3D;?)|' .
'((u|�*85;?|�*55;?|�*117;?|�*75;?|\\\\0*75)\s*' .
'(r|�*82;?|�*52;?|�*114;?|�*72;?|\\\\0*72)\s*' .
'(l|�*76;?|�*4c;?|�*108;?|�*6c;?|\\\\0*6c)\s*' .
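Review bot: The new `$preg` opening has no comment saying where CDATA content is now kept away from this pattern. The two removed `//` lines were the only explanation, and the `<\s*[^!][^>]*` guard they described is gone. A one-line replacement such as `// CDATA sections are expected to be taken out in preProcess() before this pattern runs.` would keep that dependency visible. Without the leading `<...` anchor the alternation can also begin at any `=`, so it presumably now applies to text outside tags as well; worth confirming that is intended. The pattern continues past the end of this hunk.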
ini_set('pcre.backtrack_limit', 5000000);
}
+ // Remove and store CDATA data.
+ preg_replace_callback('/<!\[CDATA\[.*?\]\]>/is', array($this, '_preProcessCallback'), $text);
+
return $text;
}
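Review bot: The result of `preg_replace_callback()` is discarded on the added line, so `$text` is returned with every CDATA section still in it. The callback still records the match in `$this->_cdata`, but the filter patterns then run over the CDATA content, because the regex hunk above dropped its `<\s*[^!]` guard, apparently assuming the content had been removed. postProcess() then finds no placeholder to restore. Assign the result back, `$text = preg_replace_callback('/<!\[CDATA\[.*?\]\]>/is', array($this, '_preProcessCallback'), $text);`, and treat a `null` return (a PCRE error such as a reached backtrack limit) as a failure rather than passing it on. preProcess() starts outside this hunk.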
/**
+ * Preg callback for preProcess().
+ *
+ * @param array $matches The list of matches.
+ *
+ * @return string The replacement text.
+ */
+ protected function _preProcessCallback($matches)
+ {
+ $this->_cdata = $matches[0];
+ return '<HORDE_CDATA />';
+ }
+
+ /**
* Executes any code necessary after applying the filter patterns.
*
* @param string $text The text after the filtering.
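Review bot: `_preProcessCallback()` overwrites `$this->_cdata` on every match, so for input with more than one CDATA section only the last one is kept. Once the replacement is actually applied to `$text`, postProcess() would put that last section into every `<HORDE_CDATA />` placeholder, losing the others and duplicating one. Collecting the matches with `$this->_cdata[] = $matches[0];`, an index in the placeholder and a matching loop in postProcess() keeps each section in its own place. The property would then be declared as an array rather than `@var string` with a `null` default.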
public function postProcess($text)
{
ini_restore('pcre.backtrack_limit');
+
+ // Restore CDATA data
+ if (!is_null($this->_cdata)) {
+ $text = str_replace('<HORDE_CDATA />', $this->_cdata, $text);
+ $this->_cdata = null;
+ }
+
return $text;
}
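Review bot: `<HORDE_CDATA />` is a fixed literal and `str_replace()` substitutes every occurrence, so text that already contains that string when it reaches the filter gets the stored section inserted at a position its author did not choose. A placeholder carrying a per-call unpredictable token generated in preProcess() avoids the collision. The stored section is also put back verbatim after the patterns have run. If the output is served as HTML rather than XML, a parser does not treat `<![CDATA[` in ordinary content as an opaque section, so the restored bytes need the same scrutiny as the rest of `$text`; a comment here should state which case is assumed.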