diff options
author | thomascube <thomas@roundcube.net> | 2008-04-02 12:08:12 +0000 |
---|---|---|
committer | thomascube <thomas@roundcube.net> | 2008-04-02 12:08:12 +0000 |
commit | a3e5b42e0debc9a31133c78e8e4f71169484e4a0 (patch) | |
tree | f8472b925e39c9f1f19d004d4b0c743c74c707db | |
parent | 1affe9e3ca8d2aa959455535d5ba7355443766d8 (diff) |
Remove evil css styles like expression() in HTML messages
-rw-r--r-- | program/include/main.inc | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/program/include/main.inc b/program/include/main.inc index cb25fbd77..459648668 100644 --- a/program/include/main.inc +++ b/program/include/main.inc @@ -1377,6 +1377,7 @@ function rcmail_mail_domain($host) /** * Replace all css definitions with #container [def] + * and remove css-inlined scripting * * @param string CSS source code * @param string Container ID to use as prefix @@ -1386,6 +1387,10 @@ function rcmail_mod_css_styles($source, $container_id, $base_url = '') { $a_css_values = array(); $last_pos = 0; + + // ignore the whole block if evil styles are detected + if (stristr($source, 'expression') || stristr($source, 'behavior')) + return ''; // cut out all contents between { and } while (($pos = strpos($source, '{', $last_pos)) && ($pos2 = strpos($source, '}', $pos))) @@ -1396,7 +1401,7 @@ function rcmail_mod_css_styles($source, $container_id, $base_url = '') $last_pos = $pos+2; } - // remove html commends and add #container to each tag selector. + // remove html comments and add #container to each tag selector. // also replace body definition because we also stripped off the <body> tag $styles = preg_replace( array( |