From 586a944ddd4d03e66dea1093306147594748037a Mon Sep 17 00:00:00 2001
From: Aaron Patterson <aaron.patterson@gmail.com>
Date: Tue, 16 Aug 2011 15:17:49 -0700
Subject: Tags with invalid names should also be stripped in order to prevent
 XSS attacks.  Thanks Sascha Depold for the report.

---
 actionpack/lib/action_controller/vendor/html-scanner/html/node.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'actionpack/lib/action_controller/vendor/html-scanner/html/node.rb')

diff --git a/actionpack/lib/action_controller/vendor/html-scanner/html/node.rb b/actionpack/lib/action_controller/vendor/html-scanner/html/node.rb
index 22b3243104..4e1f016431 100644
--- a/actionpack/lib/action_controller/vendor/html-scanner/html/node.rb
+++ b/actionpack/lib/action_controller/vendor/html-scanner/html/node.rb
@@ -156,7 +156,7 @@ module HTML #:nodoc:
           end
 
           closing = ( scanner.scan(/\//) ? :close : nil )
-          return Text.new(parent, line, pos, content) unless name = scanner.scan(/[\w:-]+/)
+          return Text.new(parent, line, pos, content) unless name = scanner.scan(/[^\s!>\/]+/)
           name.downcase!
 
           unless closing
-- 
cgit v1.2.3