You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shindig.apache.org by li...@apache.org on 2009/11/16 20:37:15 UTC
svn commit: r880927 -
/incubator/shindig/trunk/php/src/gadgets/GadgetFeatureRegistry.php
Author: lindner
Date: Mon Nov 16 19:37:15 2009
New Revision: 880927
URL: http://svn.apache.org/viewvc?rev=880927&view=rev
Log:
SHINDIG-346 | Update for php html sanitization
Modified:
incubator/shindig/trunk/php/src/gadgets/GadgetFeatureRegistry.php
Modified: incubator/shindig/trunk/php/src/gadgets/GadgetFeatureRegistry.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetFeatureRegistry.php?rev=880927&r1=880926&r2=880927&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/GadgetFeatureRegistry.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/GadgetFeatureRegistry.php Mon Nov 16 19:37:15 2009
@@ -208,6 +208,12 @@
$content = (string)$script;
} else {
$content = trim($attributes['src']);
+
+ // Make html-santitization work see SHINDIG-346
+ if ($content == 'res://com/google/caja/plugin/html-sanitizer.js') {
+ $content= 'http://google-caja.googlecode.com/svn/trunk/src/com/google/caja/plugin/html-sanitizer.js';
+ }
+
if (strtolower(substr($content, 0, strlen("http://"))) == "http://" || strtolower(substr($content, 0, strlen("https://"))) == "https://") {
$type = 'URL';
} else {