0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-01-21 13:01:53 +00:00

[2.1.2?] Fix invisible DirectLex parsing error with empty elements that have attributes containing slashes

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1375 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang 2007-08-08 05:05:30 +00:00
parent f922285383
commit 24a4dfdf83
3 changed files with 11 additions and 1 deletions

4
NEWS
View File

@ -9,6 +9,10 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
. Internal change . Internal change
========================== ==========================
2.1.2, unknown release date
- Fix non-visible parsing error in DirectLex with empty tags that have
slashes inside attribute values.
2.1.1, released 2007-08-04 2.1.1, released 2007-08-04
- Fix show-stopper bug in %URI.MakeAbsolute functionality - Fix show-stopper bug in %URI.MakeAbsolute functionality
- Fix PHP4 syntax error in standalone version - Fix PHP4 syntax error in standalone version

View File

@ -237,7 +237,7 @@ class HTMLPurifier_Lexer_DirectLex extends HTMLPurifier_Lexer
// trailing slash. Remember, we could have a tag like <br>, so // trailing slash. Remember, we could have a tag like <br>, so
// any later token processing scripts must convert improperly // any later token processing scripts must convert improperly
// classified EmptyTags from StartTags. // classified EmptyTags from StartTags.
$is_self_closing= (strpos($segment,'/') === $strlen_segment-1); $is_self_closing= (strrpos($segment,'/') === $strlen_segment-1);
if ($is_self_closing) { if ($is_self_closing) {
$strlen_segment--; $strlen_segment--;
$segment = substr($segment, 0, $strlen_segment); $segment = substr($segment, 0, $strlen_segment);

View File

@ -351,6 +351,12 @@ class HTMLPurifier_LexerTest extends HTMLPurifier_Harness
new HTMLPurifier_Token_Empty('a', array('href' => '><>')) new HTMLPurifier_Token_Empty('a', array('href' => '><>'))
); );
// empty tag with attributes
$input[25] = '<param name="src" value="http://example.com/video.wmv" />';
$expect[25] = array(
new HTMLPurifier_Token_Empty('param', array('name' => 'src', 'value' => 'http://example.com/video.wmv'))
);
$default_config = HTMLPurifier_Config::createDefault(); $default_config = HTMLPurifier_Config::createDefault();
$default_context = new HTMLPurifier_Context(); $default_context = new HTMLPurifier_Context();
foreach($input as $i => $discard) { foreach($input as $i => $discard) {