From: Matthew Exon Date: Fri, 8 Mar 2013 07:38:25 +0000 (+0100) Subject: Explicitly list protocols that are allowed, rather than using their initials. Also... X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=4df162d929c5e6dd397c0ca68bb6a6e5292dbee1;p=friendica.git Explicitly list protocols that are allowed, rather than using their initials. Also, add cid, which I need for my mailstream plugin to work. --- diff --git a/include/bbcode.php b/include/bbcode.php index ebed0dbb25..01c8f14df9 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -643,7 +643,7 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true, $simplehtml = fal // fix any escaped ampersands that may have been converted into links $Text = preg_replace("/\<([^>]*?)(src|href)=(.*?)\&\;(.*?)\>/ism",'<$1$2=$3&$4>',$Text); - $Text = preg_replace("/\<([^>]*?)(src|href)=\"[^hfm](.*?)\>/ism",'<$1$2="">',$Text); + $Text = preg_replace("/\<([^>]*?)(src|href)=\"(?!http|ftp|mailto|cid)(.*?)\>/ism",'<$1$2="">',$Text); if($saved_image) $Text = bb_replace_images($Text, $saved_image);