Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-10 03:28:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '13.0' of git@github.com:Dolibarr/dolibarr.git into develop

Browse Source 
Conflicts:
	htdocs/compta/facture/card.php
	htdocs/core/class/html.formmail.class.php
	htdocs/core/lib/product.lib.php
	htdocs/product/stock/productlot_card.php
	test/phpunit/SecurityTest.php
This commit is contained in:
Laurent Destailleur
2021-02-26 12:53:06 +01:00
parent 00d2d28d68 9ebf5c2be1
commit f5406d487b
13 changed files with 62 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/core/lib/functions.lib.php
View File

@@ -6164,6 +6164,8 @@ function dol_string_onlythesehtmltags($stringtoclean, $cleanalsosomestyles = 1,
$allowed_tags_string = join("><", $allowed_tags);
$allowed_tags_string = '<'.$allowed_tags_string.'>';
$stringtoclean = str_replace('<!DOCTYPE html>', '__!DOCTYPE_HTML__', $stringtoclean); // Replace DOCTYPE to avoid to have it removed by the strip_tags
$stringtoclean = dol_string_nounprintableascii($stringtoclean, 0);
$stringtoclean = preg_replace('/&colon;/i', ':', $stringtoclean);
@@ -6186,6 +6188,8 @@ function dol_string_onlythesehtmltags($stringtoclean, $cleanalsosomestyles = 1,
$temp = preg_replace('/javascript\s*:/i', '', $temp);
}
$temp = str_replace('__!DOCTYPE_HTML__', '<!DOCTYPE html>', $temp); // Restore the DOCTYPE
return $temp;
}