| View Changeset
/hippo
Jump to revision: Previous Next
Author: jbloemendal
Date: Wed May 9 10:24:21 2012 UTC (6 years, 7 months ago)
Log Message:
CMS7-6095: root javascript element xss get transformed into head script xss
 
 XSS which is part of a head element with no following body element is not getting removed. The neko parser transforms the html structure, if no body element is present the HtmlRepairer is throwing an exception. The  html-element cleanup method is split up into html- and head-element, in case the body-element is reached the head-element method is skipping further processing.

Changed paths