mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-12-31 20:01:52 +00:00
Don't assume that idn_to_ascii does validation.
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
This commit is contained in:
parent
dc8702160c
commit
3ba9133b21
@ -97,7 +97,7 @@ class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef
|
|||||||
|
|
||||||
// PHP 5.3 and later support this functionality natively
|
// PHP 5.3 and later support this functionality natively
|
||||||
if (function_exists('idn_to_ascii')) {
|
if (function_exists('idn_to_ascii')) {
|
||||||
return idn_to_ascii($string);
|
$string = idn_to_ascii($string);
|
||||||
|
|
||||||
// If we have Net_IDNA2 support, we can support IRIs by
|
// If we have Net_IDNA2 support, we can support IRIs by
|
||||||
// punycoding them. (This is the most portable thing to do,
|
// punycoding them. (This is the most portable thing to do,
|
||||||
@ -123,13 +123,14 @@ class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
$string = implode('.', $new_parts);
|
$string = implode('.', $new_parts);
|
||||||
if (preg_match("/^($domainlabel\.)*$toplabel\.?$/i", $string)) {
|
|
||||||
return $string;
|
|
||||||
}
|
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
// XXX error reporting
|
// XXX error reporting
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
// Try again
|
||||||
|
if (preg_match("/^($domainlabel\.)*$toplabel\.?$/i", $string)) {
|
||||||
|
return $string;
|
||||||
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user