diff options
author | Fabio Comuni <fabrix.xm@gmail.com> | 2011-11-17 13:40:27 +0100 |
---|---|---|
committer | Fabio Comuni <fabrix.xm@gmail.com> | 2011-11-17 13:40:27 +0100 |
commit | 844a36e2b6c9cd8e934b57b7d56b7a9863f12929 (patch) | |
tree | 3ba5f23865643ff8c660fb9c9a9eeb44327b8a1b /library/HTML5 | |
parent | 02281be0c3b19bcab3ae3a96475846104af11e92 (diff) | |
parent | c9846b745dfe2a4c20ffe4e1f48bb18da3886fd4 (diff) | |
download | volse-hubzilla-844a36e2b6c9cd8e934b57b7d56b7a9863f12929.tar.gz volse-hubzilla-844a36e2b6c9cd8e934b57b7d56b7a9863f12929.tar.bz2 volse-hubzilla-844a36e2b6c9cd8e934b57b7d56b7a9863f12929.zip |
Merge remote-tracking branch 'friendica/master'
Diffstat (limited to 'library/HTML5')
-rw-r--r-- | library/HTML5/TreeBuilder.php | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/library/HTML5/TreeBuilder.php b/library/HTML5/TreeBuilder.php index 10d446d1e..578e73682 100644 --- a/library/HTML5/TreeBuilder.php +++ b/library/HTML5/TreeBuilder.php @@ -3041,9 +3041,13 @@ class HTML5_TreeBuilder { if (!empty($token['attr'])) { foreach($token['attr'] as $attr) { - // mike@macgirvin.com 2011-10-21, stray double quotes and/or numeric tags cause everything to abort - $attr['name'] = str_replace('"','',$attr['name']); - if($attr['name'] && (!$el->hasAttribute($attr['name'])) && (! is_numeric($attr['name']))) { + + // mike@macgirvin.com 2011-11-17, check attribute name for + // validity (ignoring extenders and combiners) as illegal chars in names + // causes everything to abort + + $valid = preg_match('/^[a-zA-Z\_\:]([\-a-zA-Z0-9\_\:\.]+$)/',$attr['name'],$matches); + if($attr['name'] && (!$el->hasAttribute($attr['name'])) && ($valid)) { $el->setAttribute($attr['name'], $attr['value']); } } |