X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=library%2FHTML5%2FTreeBuilder.php;h=cdea5373f3363f601ce3e19afc2fdf3f31fae9e0;hb=146f386e37670b64c588c65d25c9f068a0e8e066;hp=c0074ec73fca54b9251380866fb302165ffc2f8a;hpb=ab6bf767df4a06494b314f7d0c3928a795b81bae;p=friendica.git diff --git a/library/HTML5/TreeBuilder.php b/library/HTML5/TreeBuilder.php index c0074ec73f..cdea5373f3 100644 --- a/library/HTML5/TreeBuilder.php +++ b/library/HTML5/TreeBuilder.php @@ -158,6 +158,8 @@ class HTML5_TreeBuilder { if ($this->ignore_lf_token) $this->ignore_lf_token--; $this->ignored = false; + + $token['name'] = str_replace(':', '-', $token['name']); // indenting is a little wonky, this can be changed later on switch ($mode) { @@ -1429,7 +1431,7 @@ class HTML5_TreeBuilder { case 'tbody': case 'td': case 'tfoot': case 'th': case 'thead': case 'tr': // parse error break; - + /* A start tag token not covered by the previous entries */ default: /* Reconstruct the active formatting elements, if any. */ @@ -3037,13 +3039,21 @@ class HTML5_TreeBuilder { } private function insertElement($token, $append = true) { - $el = $this->dom->createElementNS(self::NS_HTML, $token['name']); - + $el = $this->dom->createElementNS(self::NS_HTML, $token['name']); + if ($el == false) { + logger('insertElement(): ignoring invalid token='.$token['name']); + return false; + } + if (!empty($token['attr'])) { foreach($token['attr'] as $attr) { - // mike@macgirvin.com 2011-10-21, stray double quotes and/or numeric tags cause everything to abort - $attr['name'] = str_replace('"','',$attr['name']); - if(!$el->hasAttribute($attr['name']) && (! is_numeric($attr['name']))) { + + // mike@macgirvin.com 2011-11-17, check attribute name for + // validity (ignoring extenders and combiners) as illegal chars in names + // causes everything to abort + + $valid = preg_match('/^[a-zA-Z\_\:]([\-a-zA-Z0-9\_\:\.]+$)/',$attr['name'],$matches); + if($attr['name'] && (!$el->hasAttribute($attr['name'])) && ($valid)) { $el->setAttribute($attr['name'], $attr['value']); } }