From ebefdf49d0b61706a4efe35505410b81b21515e3 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Mon, 6 Jun 2005 03:04:12 +0000 Subject: [PATCH] * Disallow close tags and enforce empty tags for
<br> and <hr>
---
 RELEASE-NOTES | 1 +
 includes/Parser.php | 2 --
 includes/Sanitizer.php | 17 +++++++++++++----
 3 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 34923fae0f..95a07fcb39 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -271,6 +271,7 @@ Various bugfixes, small features, and a few experimental things:
 * (bug 2334) Accept null for attribs in wfElement without PHP warning
 * (bug 2309) Allow templates and template parameters in HTML attribute zone, with proper validation checks. (regression from fix for 2304)
+* Disallow close tags and enforce empty tags for
and
=== Caveats === diff --git a/includes/Parser.php b/includes/Parser.php index 20f9fbb555..2263f8dc27 100644 --- a/includes/Parser.php +++ b/includes/Parser.php @@ -197,8 +197,6 @@ class Parser '/(.) (?=\\?|:|;|!|\\302\\273)/' => '\\1 \\2', # french spaces, Guillemet-right '/(\\302\\253) /' => '\\1 ', - '/
/i' => '
', - '/
/i' => '
', '/
/i' => '
', '/<\\/center *>/i' => '
', );
diff --git a/includes/Sanitizer.php b/includes/Sanitizer.php
index cac176bc1d..2170a34031 100644
--- a/includes/Sanitizer.php
+++ b/includes/Sanitizer.php
@@ -343,6 +343,9 @@ class Sanitizer {
 $htmlsingle = array( 'br', 'hr', 'li', 'dt', 'dd' );
+ $htmlsingleonly = array( # Elements that cannot have close tags 'br', 'hr' ); $htmlnest = array( # Tags that can be nested--?? 'table', 'tr', 'td', 'th', 'div', 'blockquote', 'ol', 'ul', 'dl', 'font', 'big', 'small', 'sub', 'sup', 'span'
@@ -369,7 +372,7 @@ class Sanitizer {
 $tagstack = array(); $tablestack = array();
 foreach ( $bits as $x ) {
 $prev = error_reporting( E_ALL & ~( E_NOTICE | E_WARNING ) );
- preg_match( '/^(\\/?)(\\w+)([^>]*)(\\/{0,1}>)([^<]*)$/',
+ preg_match( '/^(\\/?)(\\w+)([^>]*?)(\\/{0,1}>)([^<]*)$/',
 $x, $regs );
 list( $qbar, $slash, $t, $params, $brace, $rest ) = $regs;
 error_reporting( $prev );
@@ -379,7 +382,9 @@ class Sanitizer {
 # Check our stack
 if ( $slash ) {
 # Closing a tag...
- if ( ! in_array( $t, $htmlsingle ) &&
+ if( in_array( $t, $htmlsingleonly ) ) {
+ $badtag = 1;
+ } elseif( !in_array( $t, $htmlsingle ) &&
 ( $ot = @array_pop( $tagstack ) ) != $t ) {
 @array_push( $tagstack, $ot );
 $badtag = 1;
@@ -397,6 +402,9 @@ class Sanitizer {
 } else if ( in_array( $t, $tagstack ) &&
 ! in_array ( $t , $htmlnest ) ) {
 $badtag = 1 ;
+ } elseif( in_array( $t, $htmlsingleonly ) ) {
+ # Hack to force empty tag for uncloseable elements
+ $brace = '/>';
 } else if ( ! in_array( $t, $htmlsingle ) ) {
 if ( $t == 'table' ) {
 array_push( $tablestack, $tagstack );
@@ -416,7 +424,8 @@ class Sanitizer {
 }
 if ( ! $badtag ) {
 $rest = str_replace( '>', '>', $rest );
- $text .= "<$slash$t$newparams$brace$rest";
+ $close = ( $brace == '/>' ) ? ' /' : '';
+ $text .= "<$slash$t$newparams$close>$rest";
 continue;
 }
 }
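Review bot: The lazy `([^>]*?)` in the new preg_match hands any `/` that immediately precedes `>` to `$brace`, so an unquoted attribute value ending in a slash (`<span title=foo/>`) now yields `$params = ' title=foo'` and `$brace = '/>'` where the greedy form gave `$params = ' title=foo/'` and `$brace = '>'`. If the attribute parser that builds `$newparams` (outside this hunk) accepts unquoted values, the value is silently truncated and the tag is treated as self-closing; if it only accepts quoted values this is harmless, but either way the intent is not recorded. Add a comment on the `+` line: `# non-greedy so a trailing "/" lands in $brace, not in $params`. The foreach body this line belongs to continues past the hunk.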
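Review bot: `$close = ( $brace == '/>' ) ? ' /' : '';` in the output hunk applies the self-closing form to every element, not only to the `$htmlsingleonly` elements this commit targets, so `<div/>` or `<span/>` in the input is emitted as `<div />` even though the open-tag branch for non-single elements presumably pushes the tag on `$tagstack` and a matching close tag is emitted for it later. A text/html parser reads `<div />` as an open tag and stays consistent with the stack, but an XML or XHTML consumer treats it as an empty element and then sees a stray close tag, which is exactly the parser disagreement a sanitizer should avoid; the same line also turns `</div/>` into `</div />`. Restrict the slash to elements that are never tracked on the stack and never to close tags: `$close = ( $brace == '/>' && !$slash && in_array( $t, $htmlsingle ) ) ? ' /' : '';` with `# only single (void) elements may be emitted self-closed; others are closed explicitly from $tagstack`. The enclosing loop and the code that drains `$tagstack` are outside the hunk.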
@@ -430,7 +439,7 @@ class Sanitizer {
 } else {
 # this might be possible using tidy itself
 foreach ( $bits as $x ) {
- preg_match( '/^(\\/?)(\\w+)([^>]*)(\\/{0,1}>)([^<]*)$/',
+ preg_match( '/^(\\/?)(\\w+)([^>]*?)(\\/{0,1}>)([^<]*)$/',
 $x, $regs );
 @list( $qbar, $slash, $t, $params, $brace, $rest ) = $regs;
 if ( in_array( $t = strtolower( $t ), $htmlelements ) ) {
-- 
2.20.1
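Review bot: The tidy branch receives only the regex change; the `$htmlsingleonly` close-tag rejection and the forced `/>` added to the non-tidy branch are not mirrored here, so `</br>` and `</hr>` pass through this path to whatever follows the hunk. That is presumably deliberate because tidy re-serialises the output, but the two branches now enforce different rules for the same input and nothing says so. Add a comment on the `+` line: `# same pattern as the non-tidy branch; close-tag checks for br/hr are left to tidy here`. The foreach body continues past the hunk.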