Reklama 400x60
Dar viena XSS eksploito pataisa
Parašė
2005 rugpjūčio 31 09:08:59
Open up maincore.php, look for this line in function parseubb (approx 373)
$message = preg_replace('#(<[^>]+[\\"\'])(onmouseover|onmousedown|onmouseup|onmouseout|onmousemove|onclick|ondblclick|onload|xmlns)[^>]*>#iUu',">",$message);
Replace it with
$message = preg_replace('#(<[^>]+[\\"\'\s])(onmouseover|onmousedown|onmouseup|onmouseout|onmousemove|onclick|ondblclick|onload|xmlns)[^>]*>#iUu',">",$message);
Then, Insert this line
$message = preg_replace('#([a-z]*)=([\`\'\"]*)jscript:#iUu','$1=$2nojscript...',$message);
Before
$message = preg_replace('#([a-z]*)=([\`\'\"]*)javascript:#iUu','$1=$2nojavascript...',$message);
Then look for this line in function descript (approx line 406)
$text = preg_replace('#(<[^>]+[\\"\'])(onmouseover|onmousedown|onmouseup|onmouseout|onmousemove|onclick|ondblclick|onload|xmlns)[^>]*>#iUu',">",$text);
Replace it with
$text = preg_replace('#(<[^>]+[\\"\'\s])(onmouseover|onmousedown|onmouseup|onmouseout|onmousemove|onclick|ondblclick|onload|xmlns)[^>]*>#iUu',">",$text);
Then, Insert this line
$text = preg_replace('#([a-z]*)=([\`\'\"]*)jscript:#iUu','$1=$2nojscript...',$text);
Before
$text = preg_replace('#([a-z]*)=([\`\'\"]*)javascript:#iUu','$1=$2nojavascript...',$text);
0 Komentarai · 1399 Skaityta
·
Komentarai
Komentarų neparašyta.
Rašyti komentarą
Prisijunkite, norėdami parašyti komentarą.
Reitingai
Balsuoti gali tik nariai.
Prašome prisijungti arba prisiregistruoti.
Nėra reitingų.