- Модуль: security
- Путь к файлу: ~/bitrix/modules/security/classes/general/post_filter.php
- Класс: CSecurityXSSDetect
- Вызов: CSecurityXSSDetect::addVariable
protected function addVariable($name, $value)
{
if(!is_string($value))
return;
if(mb_strlen($value) <= 2)
return; //too short
if(preg_match("/^(?P["']?)[^`,;+-*/{}[]()&\|=\\]*(?P=quot)$/D", $value))
return; //there is no potantially dangerous code
if(preg_match("/^[,0-9_-]*$/D", $value))
return; //there is no potantially dangerous code
if(preg_match("/^[0-9 nrt\[\]]*$/D", $value))
return; //there is no potantially dangerous code
$this->variables->addVariable($name, $value);
}