[KVE-2025-0191] Stored XSS (bypass html_purify via Open Redirect) 취약점 수정

plugin/htmlpurifier/extend.video.php

@@ -77,4 +77,30 @@ if( !class_exists('HTMLPurifier_Filter_Iframevideo') ){
 			}
 		}
 	}
+}
+
+if( !class_exists('HTMLPurifierContinueParamFilter') ){
+	class HTMLPurifierContinueParamFilter extends HTMLPurifier_URIFilter
+	{
+		public $name = 'ContinueParamFilter';
+        
+        public function filter(&$uri, $config, $context)
+        {
+            // 쿼리 파라미터 검사
+            $query = $uri->query;
+            $path = $uri->path;
+            
+            if ($path && preg_match('#[\\\\/]logout#i', $path)) {
+                return false;
+            }
+            
+            if ($query) {
+                if (isset($query_params['continue'])) {
+                    return false;
+                }
+            }
+
+            return true; // 조건 통과 시 허용
+        }
+	}
 }