Merging branches
authorDan
Sat, 17 Jan 2009 11:32:52 -0500
changeset 317 12e099193850
parent 316 42419c99471c (diff)
parent 314 f379fdf3b4d7 (current diff)
child 318 eec2dfd2f0a3
Merging branches
--- a/includes/functions.php	Sat Nov 29 22:50:19 2008 -0500
+++ b/includes/functions.php	Sat Jan 17 11:32:52 2009 -0500
@@ -1854,6 +1854,11 @@
   // <
   // The rule is so specific because everything else will have been filtered by now
   $html = preg_replace('/<(script|iframe)(.+?)src=([^>]*)</i', '&lt;\\1\\2src=\\3&lt;', $html);
+  
+  // Vulnerability reported by fuzion from nukeit.org:
+  // XSS in closing HTML tag style attribute
+  // Fix: escape all closing tags with non-whitelisted characters
+  $html = preg_replace('!</((?:.*)([^a-z0-9-_:]+)(?:.*))>!', '&lt;/\\1&gt;', $html);
 
   // Restore stripped comments
   $i = 0;
--- a/install.php	Sat Nov 29 22:50:19 2008 -0500
+++ b/install.php	Sat Jan 17 11:32:52 2009 -0500
@@ -1531,7 +1531,7 @@
       <?php
       if ( defined('WINDOWS_MOD_REWRITE_WORKAROUNDS') )
       {
-        $patch_necessary = ( strtolower(PHP_OS) == 'win32' && substr(@$_SERVER['SERVER_SOFTWARE'], 'Apache/2.2') );
+        $patch_necessary = ( ( strtolower(PHP_OS) == 'win32' || strtolower(PHP_OS) == 'winnt' ) && substr(@$_SERVER['SERVER_SOFTWARE'], 'Apache/2.2') );
         ?>
           <div class="usermessage">
             <b>Your copy of Enano has the Windows mod_rewrite workaround patch enabled.</b><br />