diff --git a/library/HTMLPurifier/AttrDef/Pixels.php b/library/HTMLPurifier/AttrDef/Pixels.php
index 652b4269..98a6e18f 100644
--- a/library/HTMLPurifier/AttrDef/Pixels.php
+++ b/library/HTMLPurifier/AttrDef/Pixels.php
@@ -19,7 +19,11 @@ class HTMLPurifier_AttrDef_Pixels extends HTMLPurifier_AttrDef
 if ($int < 0) return '0';
- // could use some upper-bound checking
+ // upper-bound value, extremely high values can
+ // crash operating systems, see
+ // WARNING, above link WILL crash you if you're using Windows
+
+ if ($int > 1200) return '1200';
 return (string) $int;
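Review bot: The clamp `if ($int > 1200) return '1200';` writes the limit twice, once as an int and once as a string, and nothing records why 1200 was picked; holding it in one place, e.g. `$max = 1200;` followed by `if ($int > $max) return (string) $max;`, keeps the comparison and the returned value from drifting and leaves a single point to make it configurable later. The comment above it ends in `see` and refers to an "above link", but no reference is visible in the hunk as shown, so the reason should be spelled out in the comment itself: `// clamp: very large pixel dimensions in purified markup can hang or crash the client that renders it`. This bound covers only attributes validated by this class; whether lengths set through CSS or through other attribute definitions get an equivalent limit cannot be seen from here and is worth checking. The enclosing method starts and ends outside the hunk.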