ZF-9828: Zend_Filter_StripTags $attributeValue quoted by single quotes won't be matched


from line 314 to line 323, in file Zend/Filter/StripTags.php {quote} preg_match_all('/(\w+)\s=\s(?:(")(.?)"|(\')(.?)\')/s', $tagAttributes, $matches);

// Initialize valid attribute accumulator $tagAttributes = '';

// Iterate over each matched attribute foreach ($matches[1] as $index => $attributeName) { $attributeName = strtolower($attributeName); $attributeDelimiter = $matches[2][$index]; $attributeValue = $matches[3][$index]; {quote}

(sorry for the sad emotion, i don't know how to escape it)

if the $attributeDelimiter is single quote('), it's value should be $matches[4][$index], and accordingly the $attributeValue 's value should be $matches[5][$index].

example: wont_be_matched.jpg, if attributes in an element quoted by both double quotes and single quotes respectively, one of those won't be matched.

Here some changes i've made on my source code, just to show what i've meant above. {quote} $attributeDelimiter = empty($matches[2][$index]) ? $matches[4][$index] : $matches[2][$index]; $attributeValue = empty($matches[3][$index]) ? $matches[5][$index] : $matches[3][$index]; {quote}

By the way, the attibuteValue won't be quoted, like , it's valid in html doctype which won't be matched here.


Please give an example instead of core code to reproduce your problem.

I've update the issue with an example. Hopefully make it more clear.

Fixed with r22174