Committer: emazin
LJSUP-7737: now we delete wrong attributes in editting form, not whole tagU trunk/cgi-bin/cleanhtml.pl
Modified: trunk/cgi-bin/cleanhtml.pl =================================================================== --- trunk/cgi-bin/cleanhtml.pl 2011-01-19 11:02:04 UTC (rev 18057) +++ trunk/cgi-bin/cleanhtml.pl 2011-01-19 11:07:18 UTC (rev 18058) @@ -1629,23 +1629,25 @@ unless ($tag =~ /^\w([\w\-:_]*\w)?\/?$/) { next TOKEN; } - ## check attributes my $autoclose = delete $hash->{'/'}; foreach my $attr (keys %$hash) { if ($attr =~ /^(?:on|dynsrc)/) { delete $hash->{$attr}; + next; } elsif ($attr eq 'href' || $attr eq 'src') { - delete $hash->{$attr} if $hash->{$attr} =~ /^data/; + if ($hash->{$attr} =~ /^data/) { + delete $hash->{$attr}; + next; + } } - if ($attr =~ /(?:^=)|[\x0b\x0d]/) { next TOKEN; } unless ($attr =~ /^[\w_:-]+$/) { - next TOKEN; + delete $hash->{$attr}; + next; } - my $tmp = $hash->{$attr}; $tmp =~ s/[\t\n\0]//g; if ($tmp =~ /(?:jscript|livescript|javascript|vbscript|about):/ix) { @@ -1654,7 +1656,6 @@ } ## TODO: css & xslt js expressions } - ## reconstruct the tag $newdata .= "<$tag"; foreach (@$attrs) {