i have a better idea

famous last words
2025-07-25 17:21:58 -07:00 · 2018-06-26 22:26:33 -03:00
parent 72e77a943e
commit 959ae3a672
1 changed files with 1 additions and 1 deletions
--- a/lib/function.php
+++ b/lib/function.php
@@ -1263,7 +1263,7 @@ function xss_clean($data) {
 	#$data = preg_replace('#(<[^>]+?[\x00-\x20"\'])(?:on|xmlns)[^>]*+>#iu', '$1>', $data);
 	do {
 		$old_data	= $data;
-		$data		= preg_replace('#(<[^>\s]+?[\x00-\x20"\'])(on|xmlns)([^>]*+)>#iu', '$1DISABLED_$2$3>', $data);
+		$data		= preg_replace('#(<[A-Za-z][^>]*?[\x00-\x20"\'])(on|xmlns)([^>]*+)>#iu', '$1DISABLED_$2$3>', $data);
 	} while ($old_data !== $data);

 	// Remove javascript: and vbscript: protocols