-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy path4.7.3.patch.2
More file actions
executable file
·84 lines (81 loc) · 3.77 KB
/
Copy path4.7.3.patch.2
File metadata and controls
executable file
·84 lines (81 loc) · 3.77 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
Index: includes/common.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/common.inc,v
retrieving revision 1.537.2.6
diff -u -Ffunction -r1.537.2.6 common.inc
--- includes/common.inc 18 Jul 2006 10:46:23 -0000 1.537.2.6
+++ includes/common.inc 17 Oct 2006 09:24:05 -0000
@@ -976,8 +976,9 @@ function url($path = NULL, $query = NULL
}
// Return an external link if $path contains an allowed absolute URL.
- // Only call the slow filter_xss_bad_protocol if $path contains a ':'.
- if (strpos($path, ':') !== FALSE && filter_xss_bad_protocol($path, FALSE) == check_plain($path)) {
+ // Only call the slow filter_xss_bad_protocol if $path contains a ':' before any / ? or #.
+ $colonpos = strpos($path, ':');
+ if ($colonpos !== FALSE && !preg_match('![/?#]!', substr($path, 0, $colonpos)) && filter_xss_bad_protocol($path, FALSE) == check_plain($path)) {
// Split off the fragment
if (strpos($path, '#')) {
list($path, $old_fragment) = explode('#', $path, 2);
Index: includes/theme.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/theme.inc,v
retrieving revision 1.292.2.5
diff -u -Ffunction -r1.292.2.5 theme.inc
--- includes/theme.inc 2 Jul 2006 10:08:23 -0000 1.292.2.5
+++ includes/theme.inc 17 Oct 2006 09:24:55 -0000
@@ -1,5 +1,5 @@
<?php
-// $Id: theme.inc,v 1.292.2.5 2006/07/02 10:08:23 killes Exp $
+// $Id: theme.inc,v 1.292.2.6 2006/08/24 00:04:05 unconed Exp $
/**
* @file
@@ -503,7 +503,7 @@ function theme_links($links, $delimiter
* Return a themed image.
*
* @param $path
- * The path of the image file.
+ * Either the path of the image file (relative to base_path()) or a full URL.
* @param $alt
* The alternative text for text-based browsers.
* @param $title
@@ -518,7 +518,8 @@ function theme_links($links, $delimiter
function theme_image($path, $alt = '', $title = '', $attributes = NULL, $getsize = TRUE) {
if (!$getsize || (is_file($path) && (list($width, $height, $type, $image_attributes) = @getimagesize($path)))) {
$attributes = drupal_attributes($attributes);
- return '<img src="'. check_url(base_path() . $path) .'" alt="'. check_plain($alt) .'" title="'. check_plain($title) .'" '. $image_attributes . $attributes .' />';
+ $url = (url($path) == $path) ? $path : (base_path() . $path);
+ return '<img src="'. check_url($url) .'" alt="'. check_plain($alt) .'" title="'. check_plain($title) .'" '. $image_attributes . $attributes .' />';
}
}
Index: modules/filter.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/Attic/filter.module,v
retrieving revision 1.122.2.2
diff -u -Ffunction -r1.122.2.2 filter.module
--- modules/filter.module 2 Jul 2006 20:53:52 -0000 1.122.2.2
+++ modules/filter.module 17 Oct 2006 09:24:05 -0000
@@ -1349,15 +1349,20 @@ function filter_xss_bad_protocol($string
if ($decode) {
$string = decode_entities($string);
}
- // Remove soft hyphen
- $string = str_replace(chr(194) . chr(173), '', $string);
- // Strip protocols
-
+ // Iteratively remove any invalid protocol found.
do {
$before = $string;
$colonpos = strpos($string, ':');
if ($colonpos > 0) {
+ // We found a colon, possibly a protocol. Verify.
$protocol = substr($string, 0, $colonpos);
+ // If a colon is preceded by a slash, question mark or hash, it cannot
+ // possibly be part of the URL scheme. This must be a relative URL,
+ // which inherits the (safe) protocol of the base document.
+ if (preg_match('![/?#]!', $protocol)) {
+ break;
+ }
+ // Check if this is a disallowed protocol
if (!isset($allowed_protocols[$protocol])) {
$string = substr($string, $colonpos + 1);
}