summaryrefslogtreecommitdiff
path: root/includes/OutputHandler.php
diff options
context:
space:
mode:
authorPierre Schmitz <pierre@archlinux.de>2008-08-15 01:29:47 +0200
committerPierre Schmitz <pierre@archlinux.de>2008-08-15 01:29:47 +0200
commit370e83bb0dfd0c70de268c93bf07ad5ee0897192 (patch)
tree491674f4c242e4d6ba0d04eafa305174c35a3391 /includes/OutputHandler.php
parentf4debf0f12d0524d2b2427c55ea3f16b680fad97 (diff)
Update auf 1.13.0
Diffstat (limited to 'includes/OutputHandler.php')
-rw-r--r--includes/OutputHandler.php16
1 files changed, 10 insertions, 6 deletions
diff --git a/includes/OutputHandler.php b/includes/OutputHandler.php
index 107553fc..2b3e9fae 100644
--- a/includes/OutputHandler.php
+++ b/includes/OutputHandler.php
@@ -48,7 +48,7 @@ function wfRequestExtension() {
// Can't get the path from the server? :(
return '';
}
-
+
$period = strrpos( $path, '.' );
if( $period !== false ) {
return strtolower( substr( $path, $period ) );
@@ -64,7 +64,7 @@ function wfGzipHandler( $s ) {
if( !function_exists( 'gzencode' ) || headers_sent() ) {
return $s;
}
-
+
$ext = wfRequestExtension();
if( $ext == '.gz' || $ext == '.tgz' ) {
// Don't do gzip compression if the URL path ends in .gz or .tgz
@@ -73,7 +73,7 @@ function wfGzipHandler( $s ) {
// Bad Safari! Bad!
return $s;
}
-
+
if( isset( $_SERVER['HTTP_ACCEPT_ENCODING'] ) ) {
$tokens = preg_split( '/[,; ]/', $_SERVER['HTTP_ACCEPT_ENCODING'] );
if ( in_array( 'gzip', $tokens ) ) {
@@ -81,7 +81,7 @@ function wfGzipHandler( $s ) {
$s = gzencode( $s, 3 );
}
}
-
+
// Set vary header if it hasn't been set already
$headers = headers_list();
$foundVary = false;
@@ -102,7 +102,12 @@ function wfGzipHandler( $s ) {
* Mangle flash policy tags which open up the site to XSS attacks.
*/
function wfMangleFlashPolicy( $s ) {
- return preg_replace( '/\<\s*cross-domain-policy\s*\>/i', '<NOT-cross-domain-policy>', $s );
+ # Avoid weird excessive memory usage in PCRE on big articles
+ if ( preg_match( '/\<\s*cross-domain-policy\s*\>/i', $s ) ) {
+ return preg_replace( '/\<\s*cross-domain-policy\s*\>/i', '<NOT-cross-domain-policy>', $s );
+ } else {
+ return $s;
+ }
}
/**
@@ -170,4 +175,3 @@ EOT;
$out .= '</ol></body></html>';
return $out;
}
-