changelog_bot (changelog_bot) wrote in changelog,
changelog_bot
changelog_bot
changelog

[livejournal] r18058: LJSUP-7737: now we delete wrong attribut...

Committer: emazin
LJSUP-7737: now we delete wrong attributes in editting form, not whole tag
U   trunk/cgi-bin/cleanhtml.pl
Modified: trunk/cgi-bin/cleanhtml.pl
===================================================================
--- trunk/cgi-bin/cleanhtml.pl	2011-01-19 11:02:04 UTC (rev 18057)
+++ trunk/cgi-bin/cleanhtml.pl	2011-01-19 11:07:18 UTC (rev 18058)
@@ -1629,23 +1629,25 @@
             unless ($tag =~ /^\w([\w\-:_]*\w)?\/?$/) {
                 next TOKEN;
             }
- 
             ## check attributes
             my $autoclose = delete $hash->{'/'};
             foreach my $attr (keys %$hash) {
                 if ($attr =~ /^(?:on|dynsrc)/) {
                     delete $hash->{$attr};
+                    next;
                 } elsif ($attr eq 'href' || $attr eq 'src') {
-                    delete $hash->{$attr} if $hash->{$attr} =~ /^data/;
+                    if ($hash->{$attr} =~ /^data/) {
+                        delete $hash->{$attr};
+                        next;
+                    }
                 }
-
                 if ($attr =~ /(?:^=)|[\x0b\x0d]/) {
                     next TOKEN;
                 }
                 unless ($attr =~ /^[\w_:-]+$/) {
-                    next TOKEN;
+                    delete $hash->{$attr};
+                    next;
                 }
-                
                 my $tmp = $hash->{$attr};
                 $tmp =~ s/[\t\n\0]//g;
                 if ($tmp =~ /(?:jscript|livescript|javascript|vbscript|about):/ix) {
@@ -1654,7 +1656,6 @@
                 }
                 ## TODO: css & xslt js expressions 
             }
-            
             ## reconstruct the tag
             $newdata .= "<$tag";
             foreach (@$attrs) {

Tags: changelog_bot, livejournal, pl
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 0 comments