Issues

ZF-3293: Zend_Filter_StripTags erroneously strips allowed attributes ending with equals sign

Issue Type: Bug Created: 2008-05-19T05:58:16.000+0000 Last Updated: 2009-03-10T13:05:29.000+0000 Status: Resolved Fix version(s): - 1.7.7 (16/Mar/09)

Reporter: Darby Felton (darby) Assignee: Matthew Weier O'Phinney (matthew) Tags: - Zend_Filter

Related issues: - ZF-2343

Attachments:

Description

Zend_Filter_StripTags will incorrectly strip an allowed attribute, the value of which ends with an equals sign, as in the following:

<pre class="literal">
<a href="http://example.com/?a=">Link Text</a>

Comments

Posted by Darby Felton (darby) on 2008-05-19T06:01:34.000+0000

Committed a unit test with SVN r9473.

Posted by Ralph Schindler (ralph) on 2009-01-11T20:21:30.000+0000

Will evaluate within 2 weeks.

Posted by Matthew Weier O'Phinney (matthew) on 2009-03-10T13:04:37.000+0000

Fix commited with fixes for ZF-5983 -- see r14272

Posted by Matthew Weier O'Phinney (matthew) on 2009-03-10T13:05:29.000+0000

Fixed in trunk and 1.7 release branch; will release with 1.7.7

Have you found an issue?

See the Overview section for more details.

Copyright

© 2006-2016 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.

Contacts