From: Alexander Ebert Date: Thu, 22 Sep 2016 18:06:02 +0000 (+0200) Subject: Fixed handling of `` X-Git-Tag: 3.0.0_Beta_1~25 X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=860a1f6836e7c22225868b3ed690d98dd7d069fd;p=GitHub%2FWoltLab%2FWCF.git Fixed handling of `` --- diff --git a/wcfsetup/install/files/lib/system/html/input/node/HtmlInputNodeProcessor.class.php b/wcfsetup/install/files/lib/system/html/input/node/HtmlInputNodeProcessor.class.php index d841eeb6dc..2cb79cbe92 100644 --- a/wcfsetup/install/files/lib/system/html/input/node/HtmlInputNodeProcessor.class.php +++ b/wcfsetup/install/files/lib/system/html/input/node/HtmlInputNodeProcessor.class.php @@ -29,7 +29,12 @@ class HtmlInputNodeProcessor extends AbstractHtmlNodeProcessor { // built-in 'smiley', 'woltlabAttachment', 'woltlabSuiteMedia' ], - 'p' => [ + 'p' => 'text', + 'td' => 'text', + + // not a valid tag, used for elements that are used to wrap text + // content such as

or , avoid duplicate declarations + 'text' => [ // text alignment 'text-center', 'text-justify', 'text-right', @@ -95,13 +100,16 @@ class HtmlInputNodeProcessor extends AbstractHtmlNodeProcessor { // strip invalid class names /** @var \DOMElement $element */ - $before = htmlentities($this->getHtml()); foreach ($this->getXPath()->query('//*[@class]') as $element) { $nodeName = $element->nodeName; if (isset(self::$allowedClassNames[$nodeName])) { $classNames = explode(' ', $element->getAttribute('class')); $classNames = array_filter($classNames, function ($className) use ($nodeName) { - return ($className && in_array($className, self::$allowedClassNames[$nodeName])); + if (self::$allowedClassNames[$nodeName] === 'text') { + return ($className && in_array($className, self::$allowedClassNames['text'])); + } + + return ($className && in_array($className, self::$allowedClassNames[$nodeName])); }); if (!empty($classNames)) {