[FOLLOWUP][TASK] Code cleanup for RteHtmlParser 55/51455/2
authorFrans Saris <franssaris@gmail.com>
Sun, 29 Jan 2017 15:56:29 +0000 (16:56 +0100)
committerSusanne Moog <susanne.moog@typo3.org>
Mon, 30 Jan 2017 11:43:16 +0000 (12:43 +0100)
Resolves: #79280
Releases: master
Change-Id: I1d3815cef36d624c910d40eb6d63a3eba4f3f53d
Reviewed-on: https://review.typo3.org/51455
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Susanne Moog <susanne.moog@typo3.org>
Tested-by: Susanne Moog <susanne.moog@typo3.org>
typo3/sysext/core/Classes/Html/RteHtmlParser.php

index d715cee..793505b 100644 (file)
@@ -994,7 +994,7 @@ class RteHtmlParser extends HtmlParser
         if (!empty($this->allowedAttributesForParagraphTags)) {
             list($tagAttributes) = $this->get_tag_attributes($fTag);
             // Make sure the tag attributes only contain the ones that are defined to be allowed
-            $tagAttributes = array_intersect_key($tagAttributes, $this->allowedAttributesForParagraphTags);
+            $tagAttributes = array_intersect_key($tagAttributes, array_flip($this->allowedAttributesForParagraphTags));
 
             // Only allow classes that are whitelisted in $this->allowedClasses
             if (trim($tagAttributes['class']) !== '' && !empty($this->allowedClasses) && !in_array($tagAttributes['class'], $this->allowedClasses, true)) {