MySQL's utf8 charset only supports up to 3-byte symbols. Insterting four byte symbols (U+010000 to U+10FFFF) can be done maliciously to break HTML mark-up.

The ideal solution was to convert to MySQL's utf8mb4 charset, but then we would lose support for MySQL < 5.5.3. In this fix, incompatible characters are encoded as HTML numeric character references (eg. #65536) and just stripped from body_nommarkup.
2013-07-30 16:41:10 -04:00 · 2013-07-30 16:41:10 -04:00 · 461084d400
commit 461084d400
parent 54714595f7
2 changed files with 2 additions and 2 deletions
--- a/inc/functions.php
+++ b/inc/functions.php
@ -1523,7 +1523,7 @@ function markup(&$body, $track_cites = false) {
 }

 function utf8tohtml($utf8) {
-	return htmlspecialchars($utf8, ENT_NOQUOTES, 'UTF-8');
+	return mb_encode_numericentity(htmlspecialchars($utf8, ENT_NOQUOTES, 'UTF-8'), array(0x010000, 0xffffff, 0, 0xffffff), 'UTF-8');
 }

 function ordutf8($string, &$offset) {