From b13d33580b2196b7ed3bacf1d776ed06c35a29f0 Mon Sep 17 00:00:00 2001 From: Klaus Leithoff Date: Thu, 5 Nov 2009 11:31:47 +0000 Subject: [PATCH] revert changes from r28263 as it would allow for cross site scripting --- phpgwapi/inc/class.html.inc.php | 3 --- 1 file changed, 3 deletions(-) diff --git a/phpgwapi/inc/class.html.inc.php b/phpgwapi/inc/class.html.inc.php index 5c8ccb1fbc..76eccd10e7 100644 --- a/phpgwapi/inc/class.html.inc.php +++ b/phpgwapi/inc/class.html.inc.php @@ -144,9 +144,6 @@ class html static function activate_links($content) { if (!$content || strlen($content) < 20) return $content; // performance - // this seems to be needed as the preg_replace to match things beginning with http:// (or other protocols) - // seems to be throwing out & and leaving &; - which is breaking links. - $content = htmlspecialchars_decode($content); // Exclude everything which is already a link $NotAnchor = '(?