#297 보안취약점 처리 보완 (#300)

2024-01-02 10:17:41 +09:00
parent 72d03f305c
commit b7c557f44e
1 changed files with 3 additions and 3 deletions
--- a/plugin/htmlpurifier/extend.video.php
+++ b/plugin/htmlpurifier/extend.video.php
@ -61,9 +61,9 @@ if( !class_exists('HTMLPurifier_Filter_Iframevideo') ){
 		protected function postFilterCallback($matches)
 		{
 			// Domain Whitelist
-			$youTubeMatch = preg_match('#src="https?://www.youtube(-nocookie)?.com/#i', $matches[1]);
-			$vimeoMatch = preg_match('#src="https?://player.vimeo.com/#i', $matches[1]);
-            $fackbookMatch = preg_match('#src="https?://www.facebook.com/#i', $matches[1]);
+			$youTubeMatch = preg_match('#src="https?://www\.youtube(-nocookie)?\.com/#i', $matches[1]);
+			$vimeoMatch = preg_match('#src="https?://player\.vimeo\.com/#i', $matches[1]);
+            $fackbookMatch = preg_match('#src="https?://www\.facebook\.com/#i', $matches[1]);
 			if ($youTubeMatch || $vimeoMatch || $fackbookMatch) {
 				$extra = ' frameborder="0"';
 				if ($youTubeMatch || $fackbookMatch) {