More efficient regex
authorMichael M Slusarz <slusarz@curecanti.org>
Tue, 24 Nov 2009 05:15:27 +0000 (22:15 -0700)
committerMichael M Slusarz <slusarz@curecanti.org>
Tue, 24 Nov 2009 05:15:55 +0000 (22:15 -0700)
framework/Text_Filter/lib/Horde/Text/Filter/Xss.php

index 5aee8ea..ad26f4e 100644 (file)
@@ -127,19 +127,19 @@ class Horde_Text_Filter_Xss extends Horde_Text_Filter
             '(?:r|&#0*82;?|&#x0*52;?|&#0*114;?|&#x0*72;?)\s*' .
             '(?:i|&#0*73;?|&#x0*49;?|&#0*105;?|&#x0*69;?)\s*' .
             '(?:p|&#0*80;?|&#x0*50;?|&#0*112;?|&#x0*70;?)\s*' .
-            '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)(\s*)/i',
+            '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)/i',
 
             '/<([^>a-z]*)' .
             '(?:e|&#0*69;?|&#0*45;?|&#0*101;?|&#0*65;?)\s*' .
             '(?:m|&#0*77;?|&#0*4d;?|&#0*109;?|&#0*6d;?)\s*' .
             '(?:b|&#0*66;?|&#0*42;?|&#0*98;?|&#0*62;?)\s*' .
             '(?:e|&#0*69;?|&#0*45;?|&#0*101;?|&#0*65;?)\s*' .
-            '(?:d|&#0*68;?|&#0*44;?|&#0*100;?|&#0*64;?)(\s*)/i',
+            '(?:d|&#0*68;?|&#0*44;?|&#0*100;?|&#0*64;?)/i',
 
             '/<([^>a-z]*)' .
             '(?:x|&#0*88;?|&#0*58;?|&#0*120;?|&#0*78;?)\s*' .
             '(?:m|&#0*77;?|&#0*4d;?|&#0*109;?|&#0*6d;?)\s*' .
-            '(?:l|&#0*76;?|&#x0*4c;?|&#0*108;?|&#x0*6c;?)(\s*)/i',
+            '(?:l|&#0*76;?|&#x0*4c;?|&#0*108;?|&#x0*6c;?)/i',
 
             '/<([^>a-z]*)\?([^>a-z]*)' .
             '(?:i|&#0*73;?|&#x0*49;?|&#0*105;?|&#x0*69;?)\s*' .
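Review bot: Many of the context lines here write the hexadecimal alternatives without the `x`, so they do not match what they are meant to. Compare `&#x0*52;?` in the `r` group with `&#0*45;?` and `&#0*65;?` in the `e` group, which match the decimal references 45 and 65 (`-` and `A`) rather than `&#x45;`/`&#x65;`. The same applies to the m, b, d and x groups in this hunk and to the o, a, j, v and y groups in the later hunks; forms such as `&#0*4d;?` are not valid numeric references at all. Unless entities are decoded before this step (not visible here), hex-encoded spellings of those letters are not recognised by these patterns, so the groups should read e.g. `'(?:e|&#0*69;?|&#x0*45;?|&#0*101;?|&#x0*65;?)\s*'`. The array these entries belong to starts and ends outside this hunk.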
@@ -147,19 +147,19 @@ class Horde_Text_Filter_Xss extends Horde_Text_Filter
             '(?:p|&#0*80;?|&#x0*50;?|&#0*112;?|&#x0*70;?)\s*' .
             '(?:o|&#0*79;?|&#0*4f;?|&#0*111;?|&#0*6f;?)\s*' .
             '(?:r|&#0*82;?|&#x0*52;?|&#0*114;?|&#x0*72;?)\s*' .
-            '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)(\s*)/i',
+            '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)/i',
 
             '/<([^>a-z]*)' .
             '(?:m|&#0*77;?|&#0*4d;?|&#0*109;?|&#0*6d;?)\s*' .
             '(?:e|&#0*69;?|&#0*45;?|&#0*101;?|&#0*65;?)\s*' .
             '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)\s*' .
-            '(?:a|&#0*65;?|&#0*41;?|&#0*97;?|&#0*61;?)(\s*)/i',
+            '(?:a|&#0*65;?|&#0*41;?|&#0*97;?|&#0*61;?)/i',
 
             '/<([^>a-z]*)' .
             '(?:j|&#0*74;?|&#0*4a;?|&#0*106;?|&#0*6a;?)\s*' .
             '(?:a|&#0*65;?|&#0*41;?|&#0*97;?|&#0*61;?)\s*' .
             '(?:v|&#0*86;?|&#0*56;?|&#0*118;?|&#0*76;?)\s*' .
-            '(?:a|&#0*65;?|&#0*41;?|&#0*97;?|&#0*61;?)(\s*)/i',
+            '(?:a|&#0*65;?|&#0*41;?|&#0*97;?|&#0*61;?)/i',
 
             '/<([^>a-z]*)' .
             '(?:o|&#0*79;?|&#0*4f;?|&#0*111;?|&#0*6f;?)\s*' .
@@ -167,7 +167,7 @@ class Horde_Text_Filter_Xss extends Horde_Text_Filter
             '(?:j|&#0*74;?|&#0*4a;?|&#0*106;?|&#0*6a;?)\s*' .
             '(?:e|&#0*69;?|&#0*45;?|&#0*101;?|&#0*65;?)\s*' .
             '(?:c|&#0*67;?|&#x0*43;?|&#0*99;?|&#x0*63;?)\s*' .
-            '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)(\s*)/i',
+            '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)/i',
 
             '/<([^>a-z]*)' .
             '(?:a|&#0*65;?|&#0*41;?|&#0*97;?|&#0*61;?)\s*' .
@@ -175,14 +175,14 @@ class Horde_Text_Filter_Xss extends Horde_Text_Filter
             '(?:p|&#0*80;?|&#x0*50;?|&#0*112;?|&#x0*70;?)\s*' .
             '(?:l|&#0*76;?|&#x0*4c;?|&#0*108;?|&#x0*6c;?)\s*' .
             '(?:e|&#0*69;?|&#0*45;?|&#0*101;?|&#0*65;?)\s*' .
-            '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)(\s*)/i',
+            '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)/i',
 
             '/<([^>a-z]*)' .
             '(?:l|&#0*76;?|&#x0*4c;?|&#0*108;?|&#x0*6c;?)\s*' .
             '(?:a|&#0*65;?|&#0*41;?|&#0*97;?|&#0*61;?)\s*' .
             '(?:y|&#0*89;?|&#0*59;?|&#0*121;?|&#0*79;?)\s*' .
             '(?:e|&#0*69;?|&#0*45;?|&#0*101;?|&#0*65;?)\s*' .
-            '(?:r|&#0*82;?|&#x0*52;?|&#0*114;?|&#x0*72;?)(\s*)/i',
+            '(?:r|&#0*82;?|&#x0*52;?|&#0*114;?|&#x0*72;?)/i',
 
             '/<([^>a-z]*)' .
             '(?:i|&#0*73;?|&#x0*49;?|&#0*105;?|&#x0*69;?)?\s*' .
@@ -190,10 +190,10 @@ class Horde_Text_Filter_Xss extends Horde_Text_Filter
             '(?:r|&#0*82;?|&#x0*52;?|&#0*114;?|&#x0*72;?)\s*' .
             '(?:a|&#0*65;?|&#0*41;?|&#0*97;?|&#0*61;?)\s*' .
             '(?:m|&#0*77;?|&#0*4d;?|&#0*109;?|&#0*6d;?)\s*' .
-            '(?:e|&#0*69;?|&#0*45;?|&#0*101;?|&#0*65;?)(\s*)/i');
+            '(?:e|&#0*69;?|&#0*45;?|&#0*101;?|&#0*65;?)/i');
 
         foreach ($malicious as $pattern) {
-            $patterns[$pattern] = '<$1' . $this->_params['replace'] . '_tag$2';
+            $patterns[$pattern] = '<$1' . $this->_params['replace'] . '_tag';
         }
 
         /* Comment out style/link tags. */
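Review bot: With `$2` gone from the replacement in `$patterns[$pattern] = '<$1' . $this->_params['replace'] . '_tag';`, the second capture group in the `'/<([^>a-z]*)\?([^>a-z]*)'` pattern (first hunk) is now dead. For that one pattern the change is not purely a speed-up: the text between `?` and the tag name used to be re-emitted after `_tag` and is now dropped. Dropping it looks harmless, but it should be deliberate; write the prefix as `'/<([^>a-z]*)\?[^>a-z]*'` and add a comment above the loop such as `/* Only $1 (the text between '<' and the tag name) is kept. */`. The enclosing method starts and ends outside this hunk.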