Skip to content
Browse files

MDL-22042 fixed kses cleaning of html code

  • Loading branch information...
1 parent d7f657b commit a91e69f384362cbcc0d776c307b4be9452ae440c @skodak skodak committed Jun 3, 2010
Showing with 1 addition and 0 deletions.
  1. +1 −0 lib/weblib.php
View
1 lib/weblib.php
@@ -2139,6 +2139,7 @@ function cleanAttributes2($htmlArray){
}
}
$arreach['value'] = preg_replace("/j\s*a\s*v\s*a\s*s\s*c\s*r\s*i\s*p\s*t/i", "Xjavascript", $arreach['value']);
+ $arreach['value'] = preg_replace("/v\s*b\s*s\s*c\s*r\s*i\s*p\s*t/i", "Xvbscript", $arreach['value']);
$arreach['value'] = preg_replace("/e\s*x\s*p\s*r\s*e\s*s\s*s\s*i\s*o\s*n/i", "Xexpression", $arreach['value']);
$arreach['value'] = preg_replace("/b\s*i\s*n\s*d\s*i\s*n\s*g/i", "Xbinding", $arreach['value']);
} else if ($arreach['name'] == 'href') {

0 comments on commit a91e69f

Please sign in to comment.
Something went wrong with that request. Please try again.