ZF-11617: Zend_Filter_StripTags does not handle hyphenated attribute names

Description

In Zend_Filter_StripTags, the regex to parse well-formed attributes should take dashes into account to support HTML5 data-* attributes:

Instead of checking for


           (\w+)

it should at least do this


            // Parse iteratively for well-formed attributes
            preg_match_all('/([a-z\-]+)\s*=\s*(?:(")(.*?)"|(\')(.*?)\')/s', $tagAttributes, $matches);

Comments

Added the hyphen character to list of valid characters for an attribute name:


Index: library/Zend/Filter/StripTags.php
===================================================================
--- library/Zend/Filter/StripTags.php   (revision 24276)
+++ library/Zend/Filter/StripTags.php   (working copy)
@@ -319,7 +319,7 @@
         // If there are non-whitespace characters in the attribute string
         if (strlen($tagAttributes)) {
             // Parse iteratively for well-formed attributes
-            preg_match_all('/(\w+)\s*=\s*(?:(")(.*?)"|(\')(.*?)\')/s', $tagAttributes, $matches);
+            preg_match_all('/([\w-]+)\s*=\s*(?:(")(.*?)"|(\')(.*?)\')/s', $tagAttributes, $matches);

             // Initialize valid attribute accumulator
             $tagAttributes = '';

Fix and unit test committed to trunk in r24277 Merged to release-1.11 in r24278

Added in ZF2 with GH-285