From a254cad13911991d0673122ecd3d76b6973e5d42 Mon Sep 17 00:00:00 2001 From: marcus Date: Thu, 12 Feb 2009 14:14:00 +0000 Subject: Refs #561: Removed & encoding from kses but retaining script input and entities. git-svn-id: https://code.elgg.org/elgg/trunk@2724 36083f99-b078-4883-b0ff-0f9b5a30f544 --- vendors/kses/kses.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'vendors') diff --git a/vendors/kses/kses.php b/vendors/kses/kses.php index d97d8601d..65da29599 100644 --- a/vendors/kses/kses.php +++ b/vendors/kses/kses.php @@ -513,7 +513,7 @@ function kses_normalize_entities($string) { # Disarm all entities by converting & to & - $string = str_replace('&', '&', $string); + // $string = str_replace('&', '&', $string); // [Marcus Povey 20090212: Commented out in ref #561. Needs a better solution. ] # Change back the allowed entities in our entity whitelist -- cgit v1.2.3