diff options
| author | David Flatz | 2017-10-18 14:33:49 +0200 |
|---|---|---|
| committer | David Flatz | 2017-10-18 14:35:41 +0200 |
| commit | ab4709cbff86e16a0f343cf3f8d44f05d1e53dc5 (patch) | |
| tree | 606b829a8311952f72c2b874d261925a8e184728 /it_html.class | |
| parent | 8d90e01b7ffa90519ce7393175ddd446c69fe84c (diff) | |
| download | itools-ab4709cbff86e16a0f343cf3f8d44f05d1e53dc5.tar.gz itools-ab4709cbff86e16a0f343cf3f8d44f05d1e53dc5.tar.bz2 itools-ab4709cbff86e16a0f343cf3f8d44f05d1e53dc5.zip | |
entity-encode tabs and carriage returns like new lines in attributes so that they won't get replaced by a space character when parsed
see https://www.w3.org/TR/2004/REC-xml-20040204/#AVNormalize
Diffstat (limited to 'it_html.class')
| -rw-r--r-- | it_html.class | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/it_html.class b/it_html.class index 12ecf6b..02f3f2a 100644 --- a/it_html.class +++ b/it_html.class @@ -312,8 +312,8 @@ function _tag($name, $args) ; else if (isset($value) && $value !== true) # normal case: value { - if (preg_match('/[<>&"\x00-\x08\x0a-\x0c\x0e-\x1f\x80-\x9f]/', $value)) # WARNING: copy/pasted from Q() - $result .= " $key=\"" . str_replace("\n", " ", htmlspecialchars(self::_cleanup($value, $charset), ENT_COMPAT, $charset)) . '"'; + if (preg_match('/[<>&"\x00-\x08\x0a-\x0c\x0e-\x1f\x80-\x9f\n\t\r]/', $value)) # WARNING: copy/pasted from Q() + $result .= " $key=\"" . str_replace(["\n", "\t", "\r"], [" ", "	", " "], htmlspecialchars(self::_cleanup($value, $charset), ENT_COMPAT, $charset)) . '"'; else $result .= " $key=\"$value\""; } |