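 /**
  * Filter the Content attribute of a <META HTTP-EQUIV="..."> element.
  *
  * Only the http-equiv names that can carry markup or a URL are inspected
  * (Set-Cookie, Link, Refresh); every other $type is returned untouched, so
  * callers must not expect this method to neutralise other directives.
  *
  * @param string $content  raw, untrusted Content attribute value
  * @param string $type     the HTTP-EQUIV name; run through _sanitize() and lower-cased
  * @return string|false    the (possibly reduced) content, or false when nothing safe is left
  */
 function _filterMETA($content, $type)
 {
     $type = strtolower($this->_sanitize($type));
     switch ($type) {
         case 'set-cookie':
             /* <META HTTP-EQUIV="Set-Cookie" Content="USERID=&lt;SCRIPT&gt;alert('XSS')&lt;/SCRIPT&gt;"> */
             // Entity-decode first so markup hidden as &lt;script&gt; reaches
             // HTMLFilter as real tags instead of passing through as text.
             $filter = new HTMLFilter();
             return $filter->parse(html_entity_decode($content));
         case 'link':
             /* <META HTTP-EQUIV="Link" Content="<http://ha.ckers.org/xss.css>; REL=stylesheet"> */
             // The whole attribute is handed to _filterURL; a rejected value drops the directive.
             return $this->_filterURL($content) ? $content : false;
         case 'refresh':
             /* <META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('XSS');"> */
             $content_arr = explode(';', $content);
             $content = array();
             $f_data = false;
             foreach ($content_arr as $cnt) {
                 if ($f_data) {
                     /* <META HTTP-EQUIV="refresh" CONTENT="0;url=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K"> */
                     // The ';' split cut a data: URL in two; this segment is its
                     // continuation ("base64,..."), so drop it too. Only ONE
                     // continuation is skipped: a data: URL containing several ';'
                     // leaves harmless tail segments behind, and one with none
                     // costs the following legitimate segment.
                     $f_data = false;
                     continue;
                 }
                 // Pick the URL candidate for this segment. Browsers implementing the
                 // HTML "refresh" parsing also accept the URL without a "url=" prefix
                 // (and ',' as well as ';' after the delay), e.g. "0;javascript:..."
                 // or "0,javascript:...", so a bare "scheme:" segment must go through
                 // the same data:/URL checks as an explicit "url=" one.
                 $url = null;
                 if (preg_match('/url\\s*=(.*)/i', $cnt, $m)) {
                     $url = $m[1];
                 } elseif (preg_match('/^\\s*(?:[\\d.]+\\s*,)?\\s*([a-z][a-z0-9+.\\-]*:.*)/i', $cnt, $m)) {
                     $url = $m[1];
                 }
                 if ($url !== null) {
                     if ($this->_checkExpress($url, 'data:', false)) {
                         /* we don't know what is the data in many cases, get rid of it!!! */
                         $f_data = true;
                         continue;
                     }
                     if (!$this->_filterURL($url)) {
                         continue;
                     }
                 }
                 $content[] = $cnt;
             }
             // Every segment was rejected: drop the whole directive rather than
             // emitting an empty refresh.
             if (!count($content)) {
                 return false;
             }
             return implode(';', $content);
         default:
             return $content;
     }
 }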
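 /**
  * HTML filter
  *
  * Runs $text through HTMLFilter for the given $format/$filter and, when the
  * "html_nofollow" setting is on, rewrites every <a> element so that its rel
  * attribute is exactly "nofollow" (a rel the filtered markup already carried is
  * replaced, not merged — if links may carry target="_blank", consider whether
  * "noopener"/"noreferrer" should be added as well; this is left unchanged here)
  * and, when "url_length" is also set, truncates the link's text content to that
  * many characters with a "...." suffix.
  *
  * @param string $text    untrusted HTML input
  * @param mixed  $format  text format handed to HTMLFilter::factory()
  * @param array  $filter  filter definition; only $filter['settings']['html_nofollow']
  *                        and $filter['settings']['url_length'] are read here
  * @return string         the filtered, trimmed HTML
  */
 public static function html($text, $format, $filter)
 {
     $text = (string) HTMLFilter::factory($text, $format, $filter)->render();
     // The settings block may be absent from $filter; treat a missing key like a
     // false one instead of raising an undefined-index warning.
     $settings = isset($filter['settings']) ? $filter['settings'] : array();
     if (!empty($settings['html_nofollow'])) {
         $html_dom = static::dom_load($text);
         // Same limit for every link, so resolve it once outside the loop.
         $url_length = empty($settings['url_length']) ? 0 : (int) $settings['url_length'];
         foreach ($html_dom->getElementsByTagName('a') as $link) {
             $link->setAttribute('rel', 'nofollow');
             // Shortens long link text to http://www.example.com/long/url....
             // NOTE(review): this truncates whatever the link's text is, not only
             // URL-shaped text, and assigning DOMElement::$nodeValue replaces the
             // link's children with a single text node — confirm how the setter
             // treats '&' / entity references on the PHP version in use.
             if ($url_length) {
                 $link->nodeValue = static::limit_chars($link->nodeValue, $url_length, '....');
             }
         }
         $text = static::dom_serialize($html_dom);
     }
     return trim($text);
 }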