Fix FP textarea test (to no longer fire XSS)

dmitris · dmitris · commit 47fa543b8451 · 2015-05-01T22:48:04.000+02:00
diff --git a/transform.go b/transform.go
@@ -104,7 +104,7 @@ func init() {
 	trMap[TagsOff] = ReplaceFunction(RemoveTags)
 	trMap[TagsOffExceptTextareaClose] = ReplaceFunction(RemoveTagsExceptTextareaClose)
 	trMap[TagsOffUntilTextareaClose] = ReplaceFunction(RemoveTagsUntilTextareaClose)
-	trMap[TextareaCloseOff] = NewRegexpMatchEraser(`(?i)</(textarea[^>]*)>`)
+	trMap[TextareaCloseOff] = ReplaceFunction(removeTextareaClose)
 	trMap[TextareaSafe] = ReplaceFunction(ReplaceTextareaSafe)
 }
 
@@ -271,6 +271,12 @@ func ReplaceTextareaSafe(src string) (out string) {
 	return out
 }
 
+func removeTextareaClose(in string) (out string) {
+	re := regexp.MustCompile(`(?i)(</textarea\s*>)`)
+	out = re.ReplaceAllLiteralString(in, "")
+	return
+}
+
 func backslashDoublequotes(in string) (out string) {
 	for _, r := range in {
 		switch r {
