Fixes #923: Improved purification api

55ed4e14 · Prasad · 5eabddab · 55ed4e14
Commit 55ed4e14 authored 7 years ago by Prasad
--- a/include/utils/VtlibUtils.php
+++ b/include/utils/VtlibUtils.php
@@ -718,7 +718,7 @@ function purifyHtmlEventAttributes($value){
 						"onclick|ondblclick|ondrag|ondragend|ondragenter|ondragleave|ondragover|".
 						"ondragstart|ondrop|onmousedown|onmousemove|onmouseout|onmouseover|".
 						"onmouseup|onmousewheel|onscroll|onwheel|oncopy|oncut|onpaste";
-	if(preg_match("/\s(".$htmlEventAttributes.")\s*=/i", $value)) {
+	if(preg_match("/\s*(".$htmlEventAttributes.")\s*=/i", $value)) {
 		$value = str_replace("=", "&equals;", $value);
 	}
 	return $value;