X-Git-Url: http://git.heureux-cyclage.org/?a=blobdiff_plain;ds=sidebyside;f=includes%2FHtml.php;h=8c014487491ce719ac43070de3da957bbda7052a;hb=bae9c5aca69c62ff8ae32956a082c0787cb06b73;hp=7cb75bba9195fe9f33cfe125bf207c1c6a4aa61e;hpb=52f5f388a40e08a76b6c4efc52fedd1c65cc166d;p=lhc%2Fweb%2Fwiklou.git
diff --git a/includes/Html.php b/includes/Html.php
index 7cb75bba91..8c01448749 100644
--- a/includes/Html.php
+++ b/includes/Html.php
@@ -627,6 +627,17 @@ class Html {
  * @return string Raw HTML
  */
 public static function inlineStyle( $contents, $media = 'all' ) {
+ // Don't escape '>' since that is used
+ // as direct child selector.
+ // Remember, in css, there is no "x" for hexadecimal escapes, and
+ // the space immediately after an escape sequence is swallowed.
+ $contents = strtr( $contents, [
+ '<' => '\3C ',
+ // CDATA end tag for good measure, but the main security
+ // is from escaping the '<'.
+ ']]>' => '\5D\5D\3E '
+ ] );
+
 if ( preg_match( '/[<&]/', $contents ) ) {
 $contents = "/**/";
 }
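Review bot: Once the new strtr has run, `<` can no longer occur in `$contents`, so the unchanged guard `if ( preg_match( '/[<&]/', $contents ) )` that follows now only ever fires on `&`; either narrow the pattern to `/&/` or say in a comment that the `<` alternative is kept on purpose, e.g. `// '<' is already hex-escaped above; kept in the pattern as a second line of defence`. The `&` case still discards the entire stylesheet with `/**/`, whereas the same CSS hex-escape idiom introduced here would preserve it: adding `'&' => '\26 ',` to the strtr map (trailing space as for the other entries) would be consistent with the new approach, if no caller depends on `&` being a hard reject — worth confirming. The `]]>` entry is independent of the `<` entry (it contains no `<`), so strtr's longest-key-first matching raises no ordering concern here. The body of inlineStyle continues past the end of the hunk.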