friendica
/
friendica
镜像来自 https://github.com/friendica/friendica
6
0
複製 1
程式碼 問題管理 Packages Projects 版本發佈 1 Wiki Activity

Change $allowed_src_protocols to static

This commit is contained in:
Matthew Exon 2017-01-31 03:44:32 +00:00
父節點 ce10a9aa7f
當前提交 96aadb23f8
共有 1 個文件被更改,包括 1 次插入1 次删除
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/bbcode.php
查看文件

@ -1164,7 +1164,7 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true, $simplehtml = fal
$Text = preg_replace('/\<([^>]*?)(src|href)=(.*?)\&amp\;(.*?)\>/ism', '<$1$2=$3&$4>', $Text);
// sanitizes src attributes (http and redir URLs for displaying in a web page, cid used for inline images in emails)
$allowed_src_protocols = array('http', 'redir', 'cid');
static $allowed_src_protocols = array('http', 'redir', 'cid');
$Text = preg_replace('#<([^>]*?)(src)="(?!' . implode('|', $allowed_src_protocols) . ')(.*?)"(.*?)>#ism',
'<$1$2=""$4 class="invalid-src" title="' . t('Invalid source protocol') . '">', $Text);