From: Alexander Ebert
Date: Wed, 4 Oct 2017 22:45:24 +0000 (+0200)
Subject: Reject data URIs for [img]
X-Git-Tag: 3.0.10~18
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=06c2136817a738d2226e1af689d7914b0775a287;p=GitHub%2FWoltLab%2FWCF.git
Reject data URIs for [img]
---
diff --git a/wcfsetup/install/files/lib/system/html/metacode/converter/ImgMetacodeConverter.class.php b/wcfsetup/install/files/lib/system/html/metacode/converter/ImgMetacodeConverter.class.php
index d8e00bf6c4..8a1dfafa65 100644
--- a/wcfsetup/install/files/lib/system/html/metacode/converter/ImgMetacodeConverter.class.php
+++ b/wcfsetup/install/files/lib/system/html/metacode/converter/ImgMetacodeConverter.class.php
@@ -30,6 +30,15 @@ class ImgMetacodeConverter extends AbstractMetacodeConverter {
 */
 public function validateAttributes(array $attributes) {
 $count = count($attributes);
- return ($count > 0 && $count < 4);
+ if ($count > 0 && $count < 4) {
+ // reject data URIs
+ if (preg_match('~^\s*data:~', $attributes[0])) {
+ return false;
+ }
+
+ return true;
+ }
+
+ return false;
 }
 }
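Review bot: The added check in `validateAttributes()` matches `data:` case-sensitively, but URI schemes are case-insensitive, so a source written in a different letter case still passes validation; at minimum the pattern needs the `i` modifier: `if (preg_match('~^\s*data:~i', $attributes[0])) {`. More generally, a scheme deny-list is fragile because browsers normalise URLs more leniently than this regex does, and it covers only the one scheme. If relative URLs are not needed for `[img]`, an allow-list of the expected schemes (for example `http`/`https`) would be the more robust check. The test also assumes `$attributes[0]` is a string. The code that turns the attribute into an `<img>` element is outside this hunk, so whether the source is sanitised again there cannot be confirmed from here.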