improv. fix for style attribute

nivcoo · web-flow · commit 819f92a9eaa4 · 2021-09-20T19:40:23.000+02:00
diff --git a/app/Controller/Component/EySecurityComponent.php b/app/Controller/Component/EySecurityComponent.php
@@ -30,7 +30,7 @@ public function xssProtection($string)
     {
 
         require_once ROOT . '/vendors/anti-xss/AntiXSS.php';
-        return htmLawed($string, ['safe' => 1, 'deny_attribute' => '* -title -src -alt']);
+        return htmLawed($string, ['safe' => 1, 'deny_attribute' => '* -title -src -alt -style']);
 
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,7 @@ public function xssProtection($string)`
`30`	`30`	`{`
`31`	`31`
`32`	`32`	`require_once ROOT . '/vendors/anti-xss/AntiXSS.php';`
`33`		`- return htmLawed($string, ['safe' => 1, 'deny_attribute' => '* -title -src -alt']);`
	`33`	`+ return htmLawed($string, ['safe' => 1, 'deny_attribute' => '* -title -src -alt -style']);`
`34`	`34`
`35`	`35`	`}`
`36`	`36`	`}`