Welcome to Geeklog, Anonymous Tuesday, November 28 2023 @ 07:47 am EST

Comments for Suggestions for filtering CSS url( ) images?

Suggestions for filtering CSS url( ) images? | 9 comments | Create New Account

The following comments are owned by whomever posted them. This site is not responsible for what they say.

Suggestions for filtering CSS url( ) images?

Authored by: sardu on Thursday, January 30 2003 @ 12:01 pm EST

I don't have a fix in place yet but should have something by the end of the day.

I'll see if I can minimize the regex in favour of str_replace()

---
Lucas Thompson
sardu_AT_mac.com

---
Lucas Thompson, sardu@mac,com

Fix

Authored by: sardu on Thursday, January 30 2003 @ 07:06 pm EST

Sorry, I got tied up with a bunch of stuff today, as a quick fix people can just add this to COM_checkHTML() in lib-common.php

// Hack to filter out user-generated CSS attributes
$str = preg_replace( '/style="[^"]+"/', '', $str );

It works fine and preg_replace seems quick enough even on an ancient K6/350 I have.
Please note that it prevents ALL user-generated CSS from appearing.

---
Lucas Thompson
sardu_AT_mac.com

---
Lucas Thompson, sardu@mac,com

Fix... NOT

Authored by: sardu on Friday, January 31 2003 @ 12:13 am EST

Doh!... that actually only fixes it if the user writes nice clean HTML with no spaces before/after the = sign.

I'm thinking maybe phpfilter should be integrated instead, it still lets images from the main site get loaded (allowing you to disable a page with a 2000x2000 pixel repeating pattern of the site logo) but I've contacted the author about it.

Anyone have other suggestions?

---
Lucas Thompson
sardu_AT_mac.com

---
Lucas Thompson, sardu@mac,com

Search

Resources

About

Getting started

Support

Development

Topics

User Functions

What's New

Articles last 4 weeks

Comments last 4 weeks

Pages last 4 weeks

Links last 4 weeks

Downloads last 4 weeks