• Resolved
    tyaty1 (@tyaty1)

        // To filter out JS, we should use DOMDocument, but the problem is that sometimes the
        // HTML is intentionally incomplete, which would cause issues with DOMDocument.
        // See https://codereview.stackexchange.com/questions/30045/regex-to-remove-inline-javascript-from-string
        if ($allow_unfiltered) {
            // even for unfiltered: strip out javascript
            $res = preg_replace('#<\s*script(.*?)>(.*?)<\s*/\s*script\s*>#is', '', wp_unslash($value));
            // also strip out inline javascript (onalert etc)
            $res = preg_replace('#\bon\w+\s*=\s*\S+(?=.*>)#', '', $res);
            return $res;

    This piece of code in _eme_kses_single cuts out the chunks from URLs which include on<something>=<something>, besides inline JS.
    For example:

    
    <a href="http://evasys.semmelweis.hu/evasys/public/online/index/index?online_php=&p=22PES&ONLINEID=47457567567567">Regisztrációs felület</a>
    

    becomes:

    
    <a href="http://evasys.semmelweis.hu/evasys/public/online/index/index? felület</a>
    
    • This topic was modified 3 years, 11 months ago by tyaty1.
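As an added example (not code from the plugin or from the reporter), the PHP below reproduces the over-match on the link quoted above and shows a narrower replacement that walks each tag's attributes and drops only those whose name starts with "on", so an "on..." token inside a quoted href value is left alone. The `strip_on_attributes` helper and the `onclick="track()"` attribute in the sample are constructed for illustration; the helper demonstrates the narrower matching and is not a complete HTML sanitizer.

```php
<?php
// Constructed sample: the reporter's link plus one inline event handler.
$html = '<a href="http://evasys.semmelweis.hu/evasys/public/online/index/index'
      . '?online_php=&p=22PES&ONLINEID=47457567567567" onclick="track()">'
      . 'Regisztrációs felület</a>';

// The pattern quoted above: \bon\w+ also matches "online_php" inside the
// query string, and \S+ then swallows everything up to the next whitespace,
// which here is in the middle of the link text.
$loose = '#\bon\w+\s*=\s*\S+(?=.*>)#';
echo preg_replace($loose, '', $html), "\n";

// Narrower variant (illustration only): match one opening tag, then consume
// its attributes one at a time, so a quoted value such as "...?online_php=..."
// is consumed as a value and never mistaken for an attribute name.
function strip_on_attributes(string $html): string
{
    $value = '(?:"[^"]*"|\'[^\']*\'|[^\s>]+)';              // quoted or bare value
    $name  = '[^\s=>/]+';                                    // attribute name
    $attr  = '\s+' . $name . '(?:\s*=\s*' . $value . ')?';   // name [= value]
    $tag   = '#<([a-zA-Z][\w:-]*)((?:' . $attr . ')*)\s*(/?)>#';
    $each  = '#\s+(' . $name . ')(?:\s*=\s*' . $value . ')?#';

    return preg_replace_callback($tag, function (array $m) use ($each) {
        // $m[1] = tag name, $m[2] = raw attribute list, $m[3] = self-closing slash
        $attrs = preg_replace_callback($each, function (array $a) {
            // Drop the whole attribute (name and value) when the name is on*.
            return stripos($a[1], 'on') === 0 ? '' : $a[0];
        }, $m[2]);
        return '<' . $m[1] . $attrs . ($m[3] !== '' ? ' /' : '') . '>';
    }, $html);
}

echo strip_on_attributes($html), "\n";
```

The first echo shows the truncated link the reporter describes; the second keeps the href intact and removes only the onclick attribute.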
Viewing 1 replies (of 1 total)

The topic ‘Unfiltered HTML processing issue’ is closed to new replies.