bug #54513 [HtmlSanitizer] Ignore Processing Instructions (smnandre)

fabpot · fabpot · commit 00ba3ad7a4e5 · 2024-04-08T12:57:41.000+02:00
This PR was merged into the 6.4 branch. Discussion ---------- [HtmlSanitizer] Ignore Processing Instructions | Q | A | ------------- | --- | Branch? | 6.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Issues | Fix #54492 | License | MIT Ignore Processing Instructions (as comments) to avoid mixing them with standard DOM nodes (see #54492) (targetting 6.4 as the component was released in 6.1)) Commits ------- 3582bdd [HtmlSanitizer] Ignore Processing Instructions
diff --git a/src/Symfony/Component/HtmlSanitizer/Tests/HtmlSanitizerAllTest.php b/src/Symfony/Component/HtmlSanitizer/Tests/HtmlSanitizerAllTest.php
@@ -309,6 +309,12 @@ public static function provideSanitizeBody()
                 'Lorem ipsum  ',
             ],
 
+            // Processing instructions
+            [
+                'Lorem ipsum<?div x?>foo',
+                'Lorem ipsumfoo',
+            ],
+
             // Normal tags
             [
                 '<abbr>Lorem ipsum</abbr>',
diff --git a/src/Symfony/Component/HtmlSanitizer/Visitor/DomVisitor.php b/src/Symfony/Component/HtmlSanitizer/Visitor/DomVisitor.php
@@ -134,9 +134,10 @@ private function visitChildren(\DOMNode $domNode, Cursor $cursor): void
             if ('#text' === $child->nodeName) {
                 // Add text directly for performance
                 $cursor->node->addChild(new TextNode($cursor->node, $child->nodeValue));
-            } elseif (!$child instanceof \DOMText) {
+            } elseif (!$child instanceof \DOMText && !$child instanceof \DOMProcessingInstruction) {
                 // Otherwise continue the visit recursively
                 // Ignore comments for security reasons (interpreted differently by browsers)
+                // Ignore processing instructions (treated as comments)
                 $this->visitNode($child, $cursor);
             }
         }
