Fix autolink function to avoid XSS issue
yurabakhtin committed Aug 12, 2016
1 parent 50daa5e commit 9a4ab85
Showing 2 changed files with 7 additions and 4 deletions.
3 changes: 3 additions & 0 deletions _tests/blogs/evocore/misc.funcs.simpletest.php
Expand Up @@ -54,6 +54,9 @@ function test_make_clickable()
'<img src="http://example.com/" />' => '<img src="http://example.com/" />',
'<img src=http://example.com/ />' => '<img src=http://example.com/ />',
'<div>http://example.com/</div>' => '<div><a href="http://example.com/">http://example.com/</a></div>',

// XSS sample:
'text http://test_url.test"onmouseover="alert(1)"onerror=1 "text' => 'text <a href="http://test_url.test">http://test_url.test</a>"onmouseover="alert(1)"onerror=1 "text',
) as $lText => $lExpected )
{
$this->assertEqual( make_clickable($lText), $lExpected );
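Review bot: The new case on L18 exercises only the `https?` pattern, while the same `"` exclusion is added in this commit to the aim, `www.` and e-mail patterns as well, and none of those gets a regression row here. One data row per pattern would pin them, e.g. `'text www.example.com"onmouseover="alert(1)" text' => 'text <a href="http://www.example.com">www.example.com</a>"onmouseover="alert(1)" text'`, with the expected markup adjusted to what the www/e-mail replacement templates (outside this hunk) actually emit. A row with a single quote, such as `'text http://example.com\'onmouseover=\'alert(1)\' text'`, would also document that `'` is deliberately still allowed in a URL and relies on the anchor's double-quoted `href`. The enclosing test_make_clickable function starts before and ends after this hunk.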
8 changes: 4 additions & 4 deletions inc/_core/_misc.funcs.php
Expand Up @@ -1321,11 +1321,11 @@ function make_clickable_callback( $text, $moredelim = '&amp;', $additional_attrs
/* Tblue> I removed the double quotes from the first RegExp because
it made URLs in tag attributes clickable.
See http://forums.b2evolution.net/viewtopic.php?p=92073 */
array( '#(^|[\s>\(]|\[url=)(https?|mailto)://([^<>{}\s]+[^.,:;!\?<>{}\s\]\)])#i',
'#(^|[\s>\(]|\[url=)aim:([^,<\s\]\)]+)#i',
array( '#(^|[\s>\(]|\[url=)(https?|mailto)://([^"<>{}\s]+[^".,:;!\?<>{}\s\]\)])#i',
'#(^|[\s>\(]|\[url=)aim:([^",<\s\]\)]+)#i',
'#(^|[\s>\(]|\[url=)icq:(\d+)#i',
'#(^|[\s>\(]|\[url=)www\.'.$pattern_domain.'([^<>{}\s]*[^.,:;!\?\s\]\)])#i',
'#(^|[\s>\(]|\[url=)([a-z0-9\-_.]+?)@'.$pattern_domain.'([^.,:;!\?<\s\]\)]+)#i', ),
'#(^|[\s>\(]|\[url=)www\.'.$pattern_domain.'([^"<>{}\s]*[^".,:;!\?\s\]\)])#i',
'#(^|[\s>\(]|\[url=)([a-z0-9\-_.]+?)@'.$pattern_domain.'([^".,:;!\?<\s\]\)]+)#i', ),
array( '$1<a href="$2://$3"'.$additional_attrs.'>$2://$3</a>',
'$1<a href="aim:goim?screenname=$2$3'.$moredelim.'message='.rawurlencode(T_('Hello')).'"'.$additional_attrs.'>$2$3</a>',
'$1<a href="http://wwp.icq.com/scripts/search.dll?to=$2"'.$additional_attrs.'>$2</a>',
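Review bot: The fix on L30–L36 stops the match at the attribute delimiter by excluding `"` from each URL character class, but the captured URL is still interpolated unescaped into `href="$2://$3"` on L37–L39, so the protection depends on every replacement template, and the caller-supplied `$additional_attrs`, always using double-quoted attributes; a single quote remains allowed in the URL and would break out if a template ever switched to `'`. A more robust shape keeps the blacklist and additionally HTML-encodes the captured URL at output, e.g. by moving these replacements into a `preg_replace_callback` whose href and link text come from `htmlspecialchars($url, ENT_QUOTES, 'UTF-8', false)` (no double-encoding, since the input is already HTML as the `<img>`/`<div>` test samples show). Note too that the trailing one-character classes are no longer in step with the leading ones: the www pattern's final class on L35 still admits `<` and `>` and the e-mail pattern's final class on L36 still admits `>`, so a URL may end on an angle bracket the first class refuses; `[^"<>.,:;!\?\s\]\)]` on both lines keeps them consistent. The enclosing make_clickable_callback body starts before and ends after this hunk, so the preg_replace call that consumes these arrays is not visible here.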
