MC-41412: Improve inline translation.

StasKozar · StasKozar · commit 7e3ce018939e · 2021-03-24T13:55:43.000+02:00
diff --git a/lib/internal/Magento/Framework/Filter/Input/MaliciousCode.php b/lib/internal/Magento/Framework/Filter/Input/MaliciousCode.php
@@ -30,7 +30,7 @@ class MaliciousCode implements \Zend_Filter_Interface
         '/(ondblclick|onclick|onkeydown|onkeypress|onkeyup|onmousedown|onmousemove|onmouseout|onmouseover|onmouseup|'.
         'onload|onunload|onerror)=[^<]*(?=\/*\>)/Uis',
         //tags
-        '/<\/?(script|meta|link|frame|iframe|object).*>/Uis',
+        '/<\/?\??(script|meta|link|frame|iframe|object|php).*>/Uis',
         //base64 usage
         '/src=[^<]*base64[^<]*(?=\/*\>)/Uis',
     ];
diff --git a/lib/internal/Magento/Framework/Filter/Test/Unit/Input/MaliciousCodeTest.php b/lib/internal/Magento/Framework/Filter/Test/Unit/Input/MaliciousCodeTest.php
@@ -112,6 +112,7 @@ public function filterDataProvider()
             'Nested malicious tags' => [
                 '<scri<script>pt>alert(1);</scri<script>pt>',
                 'alert(1);',
+                '<?php echo "test"?>',
             ]
         ];
     }

Original file line number	Diff line number	Diff line change
`@@ -112,6 +112,7 @@ public function filterDataProvider()`
`112`	`112`	`'Nested malicious tags' => [`
`113`	`113`	`'<scri<script>pt>alert(1);</scri<script>pt>',`
`114`	`114`	`'alert(1);',`
	`115`	`+ '<?php echo "test"?>',`
`115`	`116`	`]`
`116`	`117`	`];`
`117`	`118`	`}`