Authored by: sardu on Thursday, January 30 2003 @ 07:06 PM EST
Sorry, I got tied up with a bunch of stuff today. As a quick fix, people can just add this to COM_checkHTML() in lib-common.php:
// Hack to filter out user-generated CSS attributes
$str = preg_replace( '/style="[^"]+"/', '', $str );
It works fine and preg_replace seems quick enough even on an ancient K6/350 I have. Please note that it prevents ALL user-generated CSS from appearing.
Authored by: sardu on Friday, January 31 2003 @ 12:13 AM EST
Doh!... that actually only fixes it if the user writes nice clean HTML with no spaces before/after the = sign.
I'm thinking maybe phpfilter should be integrated instead, it still lets images from the main site get loaded (allowing you to disable a page with a 2000x2000 pixel repeating pattern of the site logo) but I've contacted the author about it.
I'll see if I can minimize the regex in favour of str_replace()
---
Lucas Thompson
sardu_AT_mac.com
Anyone have other suggestions?
---
Lucas Thompson
sardu_AT_mac.com
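
The limitation described in the second post (the regex only matches style="..." written with no spaces around the = sign), shown next to a parser-based filter. This is an added example, not part of the thread and not Geeklog code. strip_style_attributes() is a hypothetical helper, the sample inputs are constructed, and it assumes PHP 7+ with the DOM extension. It covers only the style attribute the thread discusses.

```php
<?php
// Added example, not Geeklog code. Assumes PHP 7+ with the DOM extension.

// The quick fix quoted in the thread, unchanged.
function strip_style_quickfix(string $str): string
{
    return preg_replace('/style="[^"]+"/', '', $str);
}

// Hypothetical helper: let libxml tokenize the markup, then drop every
// style attribute, however the user spaced, quoted or capitalised it.
function strip_style_attributes(string $html): string
{
    $doc  = new DOMDocument();
    $prev = libxml_use_internal_errors(true);   // user markup is rarely valid
    // The prolog hint makes libxml treat the input as UTF-8. libxml adds the
    // <html><body> wrapper itself, so only the body's children are emitted.
    $doc->loadHTML('<?xml encoding="UTF-8">' . $html);
    libxml_clear_errors();
    libxml_use_internal_errors($prev);

    $xpath = new DOMXPath($doc);
    // XPath results are a snapshot, so removing attributes in the loop is safe.
    foreach ($xpath->query('//*[@style]') as $el) {
        $el->removeAttribute('style');
    }

    $body = $doc->getElementsByTagName('body')->item(0);
    if ($body === null) {
        return '';                               // nothing parseable was submitted
    }
    $out = '';
    foreach ($body->childNodes as $child) {
        $out .= $doc->saveHTML($child);
    }
    return $out;
}

// Constructed sample inputs: the clean form the regex expects, and the
// spaced form the second post says it misses.
$samples = [
    '<p style="color:red">clean</p>',
    '<p style = "color:red">spaces around =</p>',
];
foreach ($samples as $s) {
    echo strip_style_quickfix($s), '  |  ', strip_style_attributes($s), PHP_EOL;
}
```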