From: Michael M Slusarz
Date: Thu, 15 Oct 2009 12:29:53 +0000 (-0600)
Subject: XSS filter: support multiple CDATA blocks
X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=5c5d64a2d94b62e0154e5e8648e9139a4b3e61ae;p=horde.git

XSS filter: support multiple CDATA blocks
---
diff --git a/framework/Text_Filter/lib/Horde/Text/Filter/Xss.php b/framework/Text_Filter/lib/Horde/Text/Filter/Xss.php
index 148ce7a8b..5aee8eaeb 100644
--- a/framework/Text_Filter/lib/Horde/Text/Filter/Xss.php
+++ b/framework/Text_Filter/lib/Horde/Text/Filter/Xss.php
@@ -33,7 +33,14 @@ class Horde_Text_Filter_Xss extends Horde_Text_Filter
 *
 * @var string
 */
- protected $_cdata = null;
+ protected $_cdata = array();
+
+ /**
+ * CDATA count.
+ *
+ * @var integer
+ */
+ protected $_cdatacount = 0;
 
 /**
 * Returns a hash with replace patterns.
@@ -243,8 +250,8 @@ class Horde_Text_Filter_Xss extends Horde_Text_Filter
 */
 protected function _preProcessCallback($matches)
 {
- $this->_cdata = $matches[0];
- return '';
+ $this->_cdata[] = $matches[0];
+ return '_cdatacount++ . ' />';
 }
 
 /**
@@ -259,12 +266,25 @@ class Horde_Text_Filter_Xss extends Horde_Text_Filter
 ini_restore('pcre.backtrack_limit');
 
 // Restore CDATA data
- if (!is_null($this->_cdata)) {
- $text = str_replace('', $this->_cdata, $text);
- $this->_cdata = null;
+ if ($this->_cdatacount) {
+ $text = preg_replace_callback('//', array($this, '_postProcessCallback'), $text);
+ $this->_cdata = array();
+ $this->_cdatacount = 0;
 }
 
 return $text;
 }
 
+ /**
+ * Preg callback for preProcess().
+ *
+ * @param array $matches The list of matches.
+ *
+ * @return string The replacement text.
+ */
+ protected function _postProcessCallback($matches)
+ {
+ return $this->_cdata[$matches[1]];
+ }
+
 }
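Review bot: `_postProcessCallback` in the third hunk indexes `$this->_cdata` with whatever id the placeholder pattern captured from the already-filtered text, with no check that the index exists; a placeholder-shaped sequence that was present in the input rather than emitted by `_preProcessCallback` (second hunk) reaches the same lookup, and an unknown id produces an undefined-index notice and a null return spliced into the output. Guard the lookup and drop unknown placeholders instead of echoing anything back: `return isset($this->_cdata[$matches[1]]) ? $this->_cdata[$matches[1]] : '';`. The literal placeholder tag and its matching regex do not survive in this rendering (the pattern appears as `'//'` and the return in the second hunk is truncated), so whether the main XSS pass would already strip a forged placeholder cannot be judged from here; if it does not, carrying a per-run unpredictable token in the placeholder name would stop input text from colliding with it. The new docblock also names the wrong caller and should read `* Preg callback for postProcess().`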