/**
 * Output-buffer end handler that runs the finished page through the XSS detector.
 *
 * When CSecurityFilterMask::Check() returns a truthy value for the current
 * site and request URI, the content is left untouched, so such URLs receive
 * no XSS filtering from this handler (presumably an exclusion mask; confirm
 * against CSecurityFilterMask).
 *
 * @param $pContent Buffered page content, passed by reference; overwritten
 *                  with the value returned by CSecurityXSSDetect::process().
 * @return void
 */
public static function OnEndBufferContent(&$pContent)
{
    $isMasked = CSecurityFilterMask::Check(SITE_ID, $_SERVER["REQUEST_URI"]);

    if (!$isMasked) {
        $detector = new CSecurityXSSDetect();
        $pContent = $detector->process($pContent);
    }
}
/**
 * Output-buffer end handler that runs the finished page through the XSS detector.
 *
 * The content is returned unchanged when the process runs in CLI mode, or
 * when CSecurityFilterMask::Check() returns a truthy value for the current
 * site and request URI. URLs skipped by the mask check receive no XSS
 * filtering from this handler.
 *
 * @param $content Buffered page content, passed by reference; overwritten
 *                 with the value returned by CSecurityXSSDetect::process().
 * @return void
 */
public static function OnEndBufferContent(&$content)
{
    // The CLI test comes first so that $_SERVER["REQUEST_URI"] is only read
    // when the first condition is false (|| short-circuits).
    $skipFilter = CSecuritySystemInformation::isCliMode()
        || CSecurityFilterMask::Check(SITE_ID, $_SERVER["REQUEST_URI"]);

    if ($skipFilter) {
        return;
    }

    $detector = new CSecurityXSSDetect();
    $content = $detector->process($content);
}
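/**
 * Output-buffer end handler that hands the finished page to the XSS detector.
 *
 * The detector is skipped in three cases: the process runs in CLI mode,
 * CSecurityFilterMask::Check() returns a truthy value for the current site
 * and request URI, or the content contains no script end tag at all.
 *
 * @param $content Buffered page content, passed by reference.
 * @return void
 */
public static function OnEndBufferContent(&$content)
{
    if (CSecuritySystemInformation::isCliMode()) {
        return;
    }

    if (CSecurityFilterMask::Check(SITE_ID, $_SERVER["REQUEST_URI"])) {
        return;
    }

    // Cheap pre-check: a page without any script end tag probably contains no
    // scripts, so the detector has nothing to inspect. The match is
    // case-insensitive because HTML tag names are; a case-sensitive test
    // would skip the detector for pages whose end tags are not lower-case.
    if (!preg_match('#</script#i', $content)) {
        return;
    }

    $filter = new CSecurityXSSDetect();
    // NOTE(review): the return value of process() is not used here; presumably
    // process() updates $content through a reference parameter. Confirm
    // against CSecurityXSSDetect.
    $filter->process($content);
}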
/**
 * Collects the identifiers found in a piece of script text.
 *
 * A CSecurityXSSDetect instance (action "none", log "N") is asked to remove
 * quoted strings from $str, and the quotes it reports are stored in
 * $this->quotes. $str is then scanned for identifiers: a name followed by
 * "(" is recorded under 'f', any other name under 'n'. Each distinct name is
 * recorded once, in the bucket chosen by its first occurrence.
 *
 * NOTE(review): removeQuotedStrings() presumably modifies $str by reference;
 * if it does not, the scan below still sees the quoted strings. Confirm.
 *
 * @param $str Script text to analyse.
 * @return array Array with keys 'f' (names followed by "("), 'n' (other
 *               names) and 's' (the value of $this->quotes).
 */
function getnames($str)
{
    $detector = new CSecurityXSSDetect(array("action" => "none", "log" => "N"));
    $detector->removeQuotedStrings($str);
    $this->quotes = $detector->getQuotes();

    $names = array('f' => array(), 'n' => array(), 's' => array());

    // Group 1 is the identifier, group 2 the single character that follows it.
    $pattern = "/(?<=[^\\w\\d\\_\\'\"]|^)([a-z][\\w\\d\\_]*)([^\\w\\d\\_\\'\"])/is";
    if (preg_match_all($pattern, $str, $found)) {
        $seen = array();
        foreach ($found[1] as $idx => $name) {
            // Only the first occurrence of a name decides its bucket.
            if (isset($seen[$name])) {
                continue;
            }

            $bucket = ($found[2][$idx] == '(') ? 'f' : 'n';
            $names[$bucket][] = $name;
            $seen[$name] = 1;
        }
    }

    $names['s'] = $this->quotes;

    return $names;
}