summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoralecpl <alec@alec.pl>2009-09-30 18:06:41 +0000
committeralecpl <alec@alec.pl>2009-09-30 18:06:41 +0000
commitbf1b66bf1d6eb000938f0080042fce0919976a94 (patch)
treea8e1d822dc46f0d3ff1d12699b03a3b67941f1e5
parent52bd7bf16ed79c10c3b37d147595f57f3cc53cd6 (diff)
- Fix handling HTML comments in HTML messages (#1486189)
-rw-r--r--CHANGELOG1
-rw-r--r--program/steps/mail/func.inc6
2 files changed, 6 insertions, 1 deletions
diff --git a/CHANGELOG b/CHANGELOG
index d462bf19f..561bb60a7 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG RoundCube Webmail
===========================
+- Fix handling HTML comments in HTML messages (#1486189)
- Fix folder/messagelist controls alignment - icons used (#1486072)
- Fix LDAP addressbook shows 'Contact not found' error sometimes (#1486178)
- Fix cache status checking + improve cache operations performance (#1486104)
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index 35354eb28..0f835e9ae 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -734,7 +734,7 @@ function rcmail_wash_html($html, $p = array(), $cid_replaces)
// allow CSS styles, will be sanitized by rcmail_washtml_callback()
$washer->add_callback('style', 'rcmail_washtml_callback');
-
+
$html = $washer->wash($html);
$REMOTE_OBJECTS = $washer->extlinks;
@@ -892,6 +892,10 @@ function rcmail_html_tag_callback($matches)
{
$tagname = $matches[2];
+ // html comments (#1486189)
+ if ($matches[1] == '<!')
+ return '<!';
+
$tagname = preg_replace(array(
'/:.*$/', // Microsoft's Smart Tags <st1:xxxx>
'/[^a-z0-9_-]/i', // forbidden characters