From: Michael M Slusarz <slusarz@curecanti.org>
Date: Tue, 24 Nov 2009 05:15:27 +0000 (-0700)
Subject: More efficient regex
X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=b985abda1822ab9fde68d9e4dc7dcd16b6d6ebbc;p=horde.git

More efficient regex
---

diff --git a/framework/Text_Filter/lib/Horde/Text/Filter/Xss.php b/framework/Text_Filter/lib/Horde/Text/Filter/Xss.php
index 5aee8eaeb..ad26f4ee1 100644
--- a/framework/Text_Filter/lib/Horde/Text/Filter/Xss.php
+++ b/framework/Text_Filter/lib/Horde/Text/Filter/Xss.php
@@ -127,19 +127,19 @@ class Horde_Text_Filter_Xss extends Horde_Text_Filter
             '(?:r|&#0*82;?|&#x0*52;?|&#0*114;?|&#x0*72;?)\s*' .
             '(?:i|&#0*73;?|&#x0*49;?|&#0*105;?|&#x0*69;?)\s*' .
             '(?:p|&#0*80;?|&#x0*50;?|&#0*112;?|&#x0*70;?)\s*' .
-            '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)(\s*)/i',
+            '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)/i',
 
             '/<([^>a-z]*)' .
             '(?:e|&#0*69;?|&#0*45;?|&#0*101;?|&#0*65;?)\s*' .
             '(?:m|&#0*77;?|&#0*4d;?|&#0*109;?|&#0*6d;?)\s*' .
             '(?:b|&#0*66;?|&#0*42;?|&#0*98;?|&#0*62;?)\s*' .
             '(?:e|&#0*69;?|&#0*45;?|&#0*101;?|&#0*65;?)\s*' .
-            '(?:d|&#0*68;?|&#0*44;?|&#0*100;?|&#0*64;?)(\s*)/i',
+            '(?:d|&#0*68;?|&#0*44;?|&#0*100;?|&#0*64;?)/i',
 
             '/<([^>a-z]*)' .
             '(?:x|&#0*88;?|&#0*58;?|&#0*120;?|&#0*78;?)\s*' .
             '(?:m|&#0*77;?|&#0*4d;?|&#0*109;?|&#0*6d;?)\s*' .
-            '(?:l|&#0*76;?|&#x0*4c;?|&#0*108;?|&#x0*6c;?)(\s*)/i',
+            '(?:l|&#0*76;?|&#x0*4c;?|&#0*108;?|&#x0*6c;?)/i',
 
             '/<([^>a-z]*)\?([^>a-z]*)' .
             '(?:i|&#0*73;?|&#x0*49;?|&#0*105;?|&#x0*69;?)\s*' .
@@ -147,19 +147,19 @@ class Horde_Text_Filter_Xss extends Horde_Text_Filter
             '(?:p|&#0*80;?|&#x0*50;?|&#0*112;?|&#x0*70;?)\s*' .
             '(?:o|&#0*79;?|&#0*4f;?|&#0*111;?|&#0*6f;?)\s*' .
             '(?:r|&#0*82;?|&#x0*52;?|&#0*114;?|&#x0*72;?)\s*' .
-            '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)(\s*)/i',
+            '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)/i',
 
             '/<([^>a-z]*)' .
             '(?:m|&#0*77;?|&#0*4d;?|&#0*109;?|&#0*6d;?)\s*' .
             '(?:e|&#0*69;?|&#0*45;?|&#0*101;?|&#0*65;?)\s*' .
             '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)\s*' .
-            '(?:a|&#0*65;?|&#0*41;?|&#0*97;?|&#0*61;?)(\s*)/i',
+            '(?:a|&#0*65;?|&#0*41;?|&#0*97;?|&#0*61;?)/i',
 
             '/<([^>a-z]*)' .
             '(?:j|&#0*74;?|&#0*4a;?|&#0*106;?|&#0*6a;?)\s*' .
             '(?:a|&#0*65;?|&#0*41;?|&#0*97;?|&#0*61;?)\s*' .
             '(?:v|&#0*86;?|&#0*56;?|&#0*118;?|&#0*76;?)\s*' .
-            '(?:a|&#0*65;?|&#0*41;?|&#0*97;?|&#0*61;?)(\s*)/i',
+            '(?:a|&#0*65;?|&#0*41;?|&#0*97;?|&#0*61;?)/i',
 
             '/<([^>a-z]*)' .
             '(?:o|&#0*79;?|&#0*4f;?|&#0*111;?|&#0*6f;?)\s*' .
@@ -167,7 +167,7 @@ class Horde_Text_Filter_Xss extends Horde_Text_Filter
             '(?:j|&#0*74;?|&#0*4a;?|&#0*106;?|&#0*6a;?)\s*' .
             '(?:e|&#0*69;?|&#0*45;?|&#0*101;?|&#0*65;?)\s*' .
             '(?:c|&#0*67;?|&#x0*43;?|&#0*99;?|&#x0*63;?)\s*' .
-            '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)(\s*)/i',
+            '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)/i',
 
             '/<([^>a-z]*)' .
             '(?:a|&#0*65;?|&#0*41;?|&#0*97;?|&#0*61;?)\s*' .
@@ -175,14 +175,14 @@ class Horde_Text_Filter_Xss extends Horde_Text_Filter
             '(?:p|&#0*80;?|&#x0*50;?|&#0*112;?|&#x0*70;?)\s*' .
             '(?:l|&#0*76;?|&#x0*4c;?|&#0*108;?|&#x0*6c;?)\s*' .
             '(?:e|&#0*69;?|&#0*45;?|&#0*101;?|&#0*65;?)\s*' .
-            '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)(\s*)/i',
+            '(?:t|&#0*84;?|&#x0*54;?|&#0*116;?|&#x0*74;?)/i',
 
             '/<([^>a-z]*)' .
             '(?:l|&#0*76;?|&#x0*4c;?|&#0*108;?|&#x0*6c;?)\s*' .
             '(?:a|&#0*65;?|&#0*41;?|&#0*97;?|&#0*61;?)\s*' .
             '(?:y|&#0*89;?|&#0*59;?|&#0*121;?|&#0*79;?)\s*' .
             '(?:e|&#0*69;?|&#0*45;?|&#0*101;?|&#0*65;?)\s*' .
-            '(?:r|&#0*82;?|&#x0*52;?|&#0*114;?|&#x0*72;?)(\s*)/i',
+            '(?:r|&#0*82;?|&#x0*52;?|&#0*114;?|&#x0*72;?)/i',
 
             '/<([^>a-z]*)' .
             '(?:i|&#0*73;?|&#x0*49;?|&#0*105;?|&#x0*69;?)?\s*' .
@@ -190,10 +190,10 @@ class Horde_Text_Filter_Xss extends Horde_Text_Filter
             '(?:r|&#0*82;?|&#x0*52;?|&#0*114;?|&#x0*72;?)\s*' .
             '(?:a|&#0*65;?|&#0*41;?|&#0*97;?|&#0*61;?)\s*' .
             '(?:m|&#0*77;?|&#0*4d;?|&#0*109;?|&#0*6d;?)\s*' .
-            '(?:e|&#0*69;?|&#0*45;?|&#0*101;?|&#0*65;?)(\s*)/i');
+            '(?:e|&#0*69;?|&#0*45;?|&#0*101;?|&#0*65;?)/i');
 
         foreach ($malicious as $pattern) {
-            $patterns[$pattern] = '<$1' . $this->_params['replace'] . '_tag$2';
+            $patterns[$pattern] = '<$1' . $this->_params['replace'] . '_tag';
         }
 
         /* Comment out style/link tags. */