From fb4f01ca74acb999b195ece533e05de3b46fc15e Mon Sep 17 00:00:00 2001
From: Jared Hancock <jared@osticket.com>
Date: Thu, 13 Mar 2014 12:22:56 -0500
Subject: [PATCH] html: Be careful not to strip too much

If there is content between to <style> elements, the content was previously
stripped by Format::safe_html function. This patch adjusts the regex to
strip tags such as <head>, <script> and <style> so that if content is found
between two of them, it will be preserved.
---
 include/class.format.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/class.format.php b/include/class.format.php
index 03216e4a0..048b886b7 100644
--- a/include/class.format.php
+++ b/include/class.format.php
@@ -199,7 +199,7 @@ class Format {
     function safe_html($html) {
         // Remove HEAD and STYLE sections
         $html = preg_replace(
-            array(':<(head|style|script).+</\1>:is',   # <head> and <style> sections
+            array(':<(head|style|script).+?</\1>:is', # <head> and <style> sections
                   ':<!\[[^]<]+\]>:',            # <![if !mso]> and friends
                   ':<!DOCTYPE[^>]+>:',          # <!DOCTYPE ... >
                   ':<\?[^>]+>:',                # <?xml version="1.0" ... >
-- 
GitLab