From fe686b4d40ce30808cf34edc55eada0ac4dd5c5b Mon Sep 17 00:00:00 2001
From: Daniel Kinzler
Date: Sat, 7 Nov 2009 15:45:13 +0000
Subject: [PATCH] better pattern for detecting evil scripts in rdfa attributes

---
 includes/Sanitizer.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/includes/Sanitizer.php b/includes/Sanitizer.php
index 30eff4ba9f..712dc43991 100644
--- a/includes/Sanitizer.php
+++ b/includes/Sanitizer.php
@@ -56,6 +56,11 @@ define( 'MW_ATTRIBS_REGEX',
 )
 )?(?=$space|\$)/sx" );
+/**
+ * Regular expression to match URIs that could trigger script execution
+ */
+define( 'MW_SCRIPT_URL_PATTERN', '/(^|\s)(javascript|vbscript)[^\w]/i' );
+
 /**
  * List of all named character entities defined in HTML 4.01
  * http://www.w3.org/TR/html4/sgml/entities.html
@@ -631,7 +636,7 @@ class Sanitizer {
 $attribute === 'about' || $attribute === 'property' || $attribute === 'resource' ||
 $attribute === 'datatype' || $attribute === 'typeof' ) {
 //Paranoia. Allow "simple" values but suppress javascript
-if ( preg_match( '/(^|\s)javascript\s*:/i', $value ) ) {
+if ( preg_match( MW_SCRIPT_URL_PATTERN, $value ) ) {
 continue;
 }
 }
-- 
2.20.1
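Review bot: The new MW_SCRIPT_URL_PATTERN is still a denylist of two scheme names, so any other scheme a browser may treat as executable passes the "paranoia" check untouched; since these RDFa attributes carry arbitrary URIs, checking the scheme against the protocols the wiki already accepts (`$wgUrlProtocols`) and keeping this regex only as a second layer would be the safer shape. The `[^\w]` after the scheme name also quietly widens the old `\s*:` match (a value like `javascript foo` is now dropped as well), which is harmless but should be recorded on the constant, e.g. ` * [^\w] rather than ':' is deliberate: any non-word separator after the scheme name is treated as a script URI.` The pattern is only meaningful if $value has already had character references decoded when it is tested; that happens outside this hunk and should be confirmed.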
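Review bot: The comment directly above the changed `if` still reads "suppress javascript", but the constant it now delegates to also rejects vbscript, so comment and code have drifted; `//Paranoia. Allow "simple" values but suppress script URIs (see MW_SCRIPT_URL_PATTERN)` keeps them aligned. The `continue` drops the attribute silently, which is right for output but leaves no trace for anyone monitoring for abuse; a debug-level line before it, `wfDebug( __METHOD__ . ": dropped $attribute with script URI\n" );`, would be cheap. The enclosing method starts and ends outside the hunk.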