You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@shindig.apache.org by li...@apache.org on 2009/11/16 20:37:15 UTC

svn commit: r880927 - /incubator/shindig/trunk/php/src/gadgets/GadgetFeatureRegistry.php

Author: lindner
Date: Mon Nov 16 19:37:15 2009
New Revision: 880927

URL: http://svn.apache.org/viewvc?rev=880927&view=rev
Log:
SHINDIG-346 | Update for php html sanitization

Modified:
    incubator/shindig/trunk/php/src/gadgets/GadgetFeatureRegistry.php

Modified: incubator/shindig/trunk/php/src/gadgets/GadgetFeatureRegistry.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetFeatureRegistry.php?rev=880927&r1=880926&r2=880927&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/GadgetFeatureRegistry.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/GadgetFeatureRegistry.php Mon Nov 16 19:37:15 2009
@@ -208,6 +208,12 @@
         $content = (string)$script;
       } else {
         $content = trim($attributes['src']);
+
+        // Make html-santitization work see SHINDIG-346
+        if ($content == 'res://com/google/caja/plugin/html-sanitizer.js') { 
+          $content= 'http://google-caja.googlecode.com/svn/trunk/src/com/google/caja/plugin/html-sanitizer.js'; 
+        } 
+
         if (strtolower(substr($content, 0, strlen("http://"))) == "http://" || strtolower(substr($content, 0, strlen("https://"))) == "https://") {
           $type = 'URL';
         } else {