aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2016-12-19 18:59:40 -0800
committerzotlabs <mike@macgirvin.com>2016-12-19 18:59:40 -0800
commitd2cc7df7db2995acf628981e24013aa02d35e999 (patch)
treedaa17536f3f44b3e2cba7f2a0b8f6f50c689c756
parent231b70b987bb76a27cc8c4a36b128b4fef2178ce (diff)
downloadvolse-hubzilla-d2cc7df7db2995acf628981e24013aa02d35e999.tar.gz
volse-hubzilla-d2cc7df7db2995acf628981e24013aa02d35e999.tar.bz2
volse-hubzilla-d2cc7df7db2995acf628981e24013aa02d35e999.zip
allow tel: links on mobile devices
-rw-r--r--include/bbcode.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/include/bbcode.php b/include/bbcode.php
index 32354aeda..c7bee6f97 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -1127,9 +1127,9 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $cache = false)
$Text = preg_replace("/\<(.*?)(src|href)=(.*?)\&amp\;(.*?)\>/ism", '<$1$2=$3&$4>', $Text);
// This is subtle - it's an XSS filter. It only accepts links with a protocol scheme and where
- // the scheme begins with z (zhttp), h (http(s)), f (ftp), m (mailto), and named anchors.
+ // the scheme begins with z (zhttp), h (http(s)), f (ftp(s)), m (mailto), t (tel) and named anchors.
- $Text = preg_replace("/\<(.*?)(src|href)=\"[^zhfm#](.*?)\>/ism", '<$1$2="">', $Text);
+ $Text = preg_replace("/\<(.*?)(src|href)=\"[^zhfmt#](.*?)\>/ism", '<$1$2="">', $Text);
$Text = bb_replace_images($Text, $saved_images);