
Fixed ZF-9463, a security issue in h1 markups.

git-svn-id: http://framework.zend.com/svn/framework/standard/trunk@21550 44c647ce-9c0f-0410-b52a-842ac1e357ba
kokx 16 лет назад
Родитель
Сommit
174bb5fa3a
2 измененных файлов с 16 добавлено и 6 удалено
  1. 6 6
      library/Zend/Markup/Renderer/Html.php
  2. 10 0
      tests/Zend/Markup/BbcodeAndHtmlTest.php

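--- a/library/Zend/Markup/Renderer/Html.php
+++ b/library/Zend/Markup/Renderer/Html.php
@@ -182,37 +182,37 @@ class Zend_Markup_Renderer_Html extends Zend_Markup_Renderer_RendererAbstract
                 'type'   => 10,
                 'tag'    => 'h1',
                 'group'  => 'inline',
-                'filter' => false,
+                'filter' => true,
             ),
             'h2' => array(
                 'type'   => 10,
                 'tag'    => 'h2',
                 'group'  => 'inline',
-                'filter' => false,
+                'filter' => true,
             ),
             'h3' => array(
                 'type'   => 10,
                 'tag'    => 'h3',
                 'group'  => 'inline',
-                'filter' => false,
+                'filter' => true,
             ),
             'h4' => array(
                 'type'   => 10,
                 'tag'    => 'h4',
                 'group'  => 'inline',
-                'filter' => false,
+                'filter' => true,
             ),
             'h5' => array(
                 'type'   => 10,
                 'tag'    => 'h5',
                 'group'  => 'inline',
-                'filter' => false,
+                'filter' => true,
             ),
             'h6' => array(
                 'type'   => 10,
                 'tag'    => 'h6',
                 'group'  => 'inline',
-                'filter' => false,
+                'filter' => true,
             ),
             // callback tags
             'url' => array(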
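Review bot: Each heading entry carries its own `'filter'` flag, so the fix had to be repeated six times and nothing stops a future heading entry from being copied with the unsafe value again; since the six entries differ only in `'tag'`, building them from a list of `'h1'` through `'h6'` would make the filter setting a single decision. A why-comment on the first entry would also help the next reader, e.g. `// filter must stay on: heading bodies are untrusted and were passed through unescaped (ZF-9463)`. If `Zend_Markup_Renderer_RendererAbstract` treats a missing `'filter'` key as false, the default points in the unsafe direction and is worth confirming separately. The array and the method that builds it begin and end outside the hunk.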

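--- a/tests/Zend/Markup/BbcodeAndHtmlTest.php
+++ b/tests/Zend/Markup/BbcodeAndHtmlTest.php
@@ -530,6 +530,16 @@ BBCODE;
         $this->assertEquals('<a href="http://framework.zend.com/">test</a><a href="http://framework.zend.com/">test</a>',
             $m->render('[url="http://framework.zend.com/"]test[/url][url="http://framework.zend.com/"]test[/url]'));
     }
+
+    /**
+     * Test for ZF-9463
+     */
+    public function testNoXssInH()
+    {
+        $m = $this->_markup;
+        $this->assertEquals('<h1>&lt;script&gt;alert(&quot;hi&quot;);&lt;/script&gt;</h1>',
+            $m->render('[h1]<script>alert("hi");</script>[/h1]'));
+    }
 }
 
 // Call Zend_Markup_BbcodeAndHtmlTest::main()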
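Review bot: `testNoXssInH` exercises only `[h1]`, while the renderer change in the same commit turns filtering on for h1 through h6, so a regression in any of the other five levels would pass this test unnoticed; looping over the six levels keeps one assertion per heading tag. The docblock could also carry ZF's `@group ZF-9463` tag so the case can be run on its own when the issue is revisited. The enclosing test class begins outside the hunk.

```php
    public function testNoXssInH()
    {
        $m = $this->_markup;
        foreach (range(1, 6) as $level) {
            $this->assertEquals(
                "<h{$level}>&lt;script&gt;alert(&quot;hi&quot;);&lt;/script&gt;</h{$level}>",
                $m->render("[h{$level}]<script>alert(\"hi\");</script>[/h{$level}]")
            );
        }
    }
```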