From 0401df5c2e64015c94dd3acf4b5211a2a6527b02 Mon Sep 17 00:00:00 2001 From: Wil Mahan Date: Sat, 2 Oct 2004 21:33:06 +0000 Subject: [PATCH] Disallow '<' and '>' in free external URIs; this is consistent with RFC 2396 and fixes a parser test case. Remove the INVERSE_EXT_LINK_URL_CLASS constant, which has never been used. --- includes/Parser.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/includes/Parser.php b/includes/Parser.php index 7cb0ad1281..8e3e8a4263 100644 --- a/includes/Parser.php +++ b/includes/Parser.php @@ -37,8 +37,7 @@ define( 'UNIQ_PREFIX', 'NaodW29'); define( 'URL_PROTOCOLS', 'http|https|ftp|irc|gopher|news|mailto' ); define( 'HTTP_PROTOCOLS', 'http|https' ); # Everything except bracket, space, or control characters -define( 'EXT_LINK_URL_CLASS', '[^]\\x00-\\x20\\x7F]' ); -define( 'INVERSE_EXT_LINK_URL_CLASS', '[\]\\x00-\\x20\\x7F]' ); +define( 'EXT_LINK_URL_CLASS', '[^]<>\\x00-\\x20\\x7F]' ); # Including space define( 'EXT_LINK_TEXT_CLASS', '[^\]\\x00-\\x1F\\x7F]' ); define( 'EXT_IMAGE_FNAME_CLASS', '[A-Za-z0-9_.,~%\\-+&;#*?!=()@\\x80-\\xFF]' ); -- 2.20.1