summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorthomascube <thomas@roundcube.net>2008-04-02 12:08:12 +0000
committerthomascube <thomas@roundcube.net>2008-04-02 12:08:12 +0000
commita3e5b42e0debc9a31133c78e8e4f71169484e4a0 (patch)
treef8472b925e39c9f1f19d004d4b0c743c74c707db
parent1affe9e3ca8d2aa959455535d5ba7355443766d8 (diff)
Remove evil css styles like expression() in HTML messages
-rw-r--r--program/include/main.inc7
1 files changed, 6 insertions, 1 deletions
diff --git a/program/include/main.inc b/program/include/main.inc
index cb25fbd77..459648668 100644
--- a/program/include/main.inc
+++ b/program/include/main.inc
@@ -1377,6 +1377,7 @@ function rcmail_mail_domain($host)
/**
* Replace all css definitions with #container [def]
+ * and remove css-inlined scripting
*
* @param string CSS source code
* @param string Container ID to use as prefix
@@ -1386,6 +1387,10 @@ function rcmail_mod_css_styles($source, $container_id, $base_url = '')
{
$a_css_values = array();
$last_pos = 0;
+
+ // ignore the whole block if evil styles are detected
+ if (stristr($source, 'expression') || stristr($source, 'behavior'))
+ return '';
// cut out all contents between { and }
while (($pos = strpos($source, '{', $last_pos)) && ($pos2 = strpos($source, '}', $pos)))
@@ -1396,7 +1401,7 @@ function rcmail_mod_css_styles($source, $container_id, $base_url = '')
$last_pos = $pos+2;
}
- // remove html commends and add #container to each tag selector.
+ // remove html comments and add #container to each tag selector.
// also replace body definition because we also stripped off the <body> tag
$styles = preg_replace(
array(