dump attributes that contain characters that are impossible for valid…
…ity, or very unlikely
aidantwoods committed May 1, 2017
1 parent 131ba75 commit 0ae11f7
Showing 1 changed file with 17 additions and 7 deletions.
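--- a/Parsedown.php
+++ b/Parsedown.php
@@ -1503,25 +1503,35 @@ function parse($text)
 
 protected function sanitiseElement(array $Element)
 {
-$safeUrlNameToAtt = array(
+static $safeUrlNameToAtt = array(
 'a' => 'href',
 'img' => 'src',
 );
 
+static $badAttributeChars = "\"'= \t\n\r\0\x0B";
+
 if (isset($safeUrlNameToAtt[$Element['name']]))
 {
 $Element = $this->filterUnsafeUrlInAttribute($Element, $safeUrlNameToAtt[$Element['name']]);
 }
 
 if ( ! empty($Element['attributes']))
 {
-# clear out nulls
-$Element['attributes'] = array_filter(
-$Element['attributes'],
-function ($v) {return $v !== null;}
-);
+foreach ($Element['attributes'] as $att => $val)
+{
+# clear out nulls
+if ($val === null)
+{
+unset($Element['attributes'][$att]);
+}
+# filter out badly parsed attribute
+elseif (strpbrk($att, $badAttributeChars) !== false)
+{
+unset($Element['attributes'][$att]);
+}
+}
 
-$onEventAttributes = preg_grep('/^\s*+on/i', array_flip($Element['attributes']));
+$onEventAttributes = preg_grep('/^on/i', array_flip($Element['attributes']));
 
 foreach ($onEventAttributes as $att)
 {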
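Review bot: The on-event scan on the last changed line still reads attribute names through `array_flip($Element['attributes'])`, which keeps only one name per distinct value, so attributes that share a value are collapsed and one of the names is never tested against `/^on/i`; scanning the keys directly avoids that: `$onEventAttributes = preg_grep('/^on/i', array_keys($Element['attributes']));`. Dropping `\s*+` from the pattern also makes this check depend entirely on `$badAttributeChars`, and that list follows PHP's `trim()` defaults rather than HTML's rules for attribute names: it omits form feed (`\f`), `/` and `>`. An allowlist is easier to reason about than a denylist here, for example `elseif ( ! preg_match('/^[a-zA-Z0-9][a-zA-Z0-9_-]*+$/', $att))`. The body of `sanitiseElement` continues past the end of the hunk, so how the surviving names are escaped on output is not visible here.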
