*/
static function getAttribsRegex() {
if ( self::$attribsRegex === null ) {
- $attribFirst = '[:A-Z_a-z0-9]';
- $attrib = '[:A-Z_a-z-.0-9]';
+ $attribFirst = "[:_\p{L}\p{N}]";
+ $attrib = "[:_\.\-\p{L}\p{N}]";
$space = '[\x09\x0a\x0c\x0d\x20]';
self::$attribsRegex =
"/(?:^|$space)({$attribFirst}{$attrib}*)
| '([^']*)(?:'|\$)
| (((?!$space|>).)*)
)
- )?(?=$space|\$)/sx";
+ )?(?=$space|\$)/sxu";
}
return self::$attribsRegex;
}
}
# Strip javascript "expression" from stylesheets.
- # http://msdn.microsoft.com/workshop/author/dhtml/overview/recalc.asp
+ # https://msdn.microsoft.com/en-us/library/ms537634.aspx
if ( $attribute == 'style' ) {
$value = Sanitizer::checkCss( $value );
}
* @return string normalized css
*/
public static function normalizeCss( $value ) {
-
// Decode character references like {
$value = Sanitizer::decodeCharReferences( $value );
];
$id = urlencode( strtr( $id, ' ', '_' ) );
- $id = str_replace( array_keys( $replace ), array_values( $replace ), $id );
+ $id = strtr( $id, $replace );
if ( !preg_match( '/^[a-zA-Z]/', $id ) && !in_array( 'noninitial', $options ) ) {
// Initial character must be a letter!