Security: Fix pattern to remove on* attributes from HTML tags - refs BT#22421

AngelFQC · AngelFQC · commit 8c4e6436379c · 2025-02-17T09:34:09.000-05:00
See advisory GHSA-gw58-89f7-4xgj
diff --git a/src/Chamilo/CoreBundle/Component/HTMLPurifier/Filter/RemoveOnAttributes.php b/src/Chamilo/CoreBundle/Component/HTMLPurifier/Filter/RemoveOnAttributes.php
@@ -17,7 +17,7 @@ public function preFilter($html, $config, $context)
 
     public static function filter($html)
     {
-        $pattern = '/\s*on\w+=(?:"[^"]*"|\'[^\']*\'|[^\s>]+)/i';
+        $pattern = '/\s+on\w+\s*=\s*(?:"[^"]*"|\'[^\']*\'|[^\s>]+)/i';
 
         return preg_replace($pattern, '', $html);
     }

Original file line number	Diff line number	Diff line change
`@@ -17,7 +17,7 @@ public function preFilter($html, $config, $context)`
`17`	`17`
`18`	`18`	`public static function filter($html)`
`19`	`19`	`{`
`20`		`- $pattern = '/\son\w+=(?:"[^"]"\|\'[^\']*\'\|[^\s>]+)/i';`
	`20`	`+ $pattern = '/\s+on\w+\s=\s(?:"[^"]"\|\'[^\']\'\|[^\s>]+)/i';`
`21`	`21`
`22`	`22`	`return preg_replace($pattern, '', $html);`
`23`	`23`	`}`