twin/jul
1
0
Fork 0
mirror of https://github.com/Xkeeper0/jul.git synced 2025-07-26 09:42:01 -07:00
Code Issues Packages Projects Releases Wiki Activity

"Fixing" issue #1 (Javascript injection)

Browse Source
This commit is contained in:
Xkeeper
2011-11-10 00:37:26 -08:00
parent 6e47331eee
commit a78ade6158
1 changed files with 9 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
lib/function.php
View File

@@ -1035,13 +1035,6 @@ function dofilters($p){
}
}
$p=preg_replace("'document.cookie'si",'document.co<z>okie',$p);
$p=preg_replace("'eval'si",'eva<z>l',$p);
// $p=preg_replace("'document.'si",'docufail.',$p);
$p=preg_replace("'<script'si",'<<z>script',$p);
$p=preg_replace("'javascript:'si",'javasc<z>ript:',$p);
$p=preg_replace("'<iframe'si",'<<z>iframe',$p);
$p=preg_replace("'<meta'si",'<<z>meta',$p);
//$p=preg_replace("'<object(.*?)</object>'si","",$p);
$p=preg_replace("'autoplay'si",'',$p); // kills autoplay, need to think of a solution for embeds.
$p=preg_replace("'filter:alpha'si",'falpha',$p);
@@ -1085,8 +1078,17 @@ function dofilters($p){
// $p=preg_replace("'<style'si",'&lt;style',$p);
$p=preg_replace("'%BZZZ%'si",'onclick="bzzz(',$p);
$p=preg_replace("'document.cookie'si",'document.co<z>okie',$p);
$p=preg_replace("'eval'si",'eva<z>l',$p);
// $p=preg_replace("'document.'si",'docufail.',$p);
$p=preg_replace("'<script'si",'<<z>script',$p);
$p=preg_replace("'javascript:'si",'javasc<z>ript:',$p);
$p=preg_replace("'<iframe'si",'<<z>iframe',$p);
$p=preg_replace("'<meta'si",'<<z>meta',$p);
return $p;
}