| author | Aleksander Machniak <alec@alec.pl> | 2013-11-28 09:12:03 +0100 | 
|---|---|---|
| committer | Aleksander Machniak <alec@alec.pl> | 2013-11-28 09:12:03 +0100 | 
| commit | ffec857b697ce0a23134f04cf345dc3a8b45a7ae (patch) | |
| tree | eb93710b360ef9971d2ce4c699e5aec278d7c83e | |
| parent | 993eb88d5aaeccd2d60758dd01f27265230e18b7 (diff) | |
Fix handling of invalid closing tags in HTML messages (#1489446)
| -rw-r--r-- | CHANGELOG | 1 | ||||
| -rw-r--r-- | program/lib/Roundcube/rcube_washtml.php | 9 | ||||
| -rw-r--r-- | tests/Framework/Washtml.php | 13 | 
3 files changed, 21 insertions, 2 deletions
@@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================
+- Fix handling of invalid closing tags in HTML messages (#1489446)
 - Set real content-type for file downloads (#1489439)
 - Update TinyMCE to version 3.5.10 (#1489442)
 - Fix keyboard navigation in list widgets (#1489392)
diff --git a/program/lib/Roundcube/rcube_washtml.php b/program/lib/Roundcube/rcube_washtml.php
index e7467545f..9cf3c6222 100644
--- a/program/lib/Roundcube/rcube_washtml.php
+++ b/program/lib/Roundcube/rcube_washtml.php
@@ -455,7 +455,7 @@ class rcube_washtml
         }
         // fix (unknown/malformed) HTML tags before "wash"
-        $html = preg_replace_callback('/(<(?!\!)[\/]*)([^\s>]+)/', array($this, 'html_tag_callback'), $html);
+        $html = preg_replace_callback('/(<(?!\!)[\/]*)([^\s>]+)([^>]*)/', array($this, 'html_tag_callback'), $html);
         // Remove invalid HTML comments (#1487759)
         // Don't remove valid conditional comments
@@ -479,7 +479,12 @@ class rcube_washtml
             '/[^a-z0-9_\[\]\!-]/i', // forbidden characters
         ), '', $tagname);
-        return $matches[1] . $tagname;
+        // fix invalid closing tags - remove any attributes (#1489446)
+        if ($matches[1] == '</') {
+            $matches[3] = '';
+        }
+
+        return $matches[1] . $tagname . $matches[3];
     }
     /**
diff --git a/tests/Framework/Washtml.php b/tests/Framework/Washtml.php
index cb7234314..0d050ff30 100644
--- a/tests/Framework/Washtml.php
+++ b/tests/Framework/Washtml.php
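Review bot: The closing-tag check added in html_tag_callback, `if ($matches[1] == '</')`, matches only a single slash, while group 1 of the pattern changed in the first rcube_washtml.php hunk is `<(?!\!)[\/]*`, which also matches `<//` and longer slash runs. For input such as `<//a href>` the comparison is false, so the text captured in `$matches[3]` is written back onto a malformed closing tag, which appears to be the case this commit is meant to clean up before the washer parses the message. Because group 1 is always `<` followed by zero or more slashes, `if ($matches[1] !== '<') {` covers every closing form and also replaces the loose `==` with a strict comparison. The callback begins above this hunk, so only the tail of its body is visible here.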
@@ -68,4 +68,17 @@ class Framework_Washtml extends PHPUnit_Framework_TestCase
         $this->assertRegExp('|<textarea>test</textarea>|', $washed, "Self-closing textarea (#1489137)");
     }
+    /**
+     * Test fixing of invalid closing tags (#1489446)
+     */
+    function test_closing_tag_attrs()
+    {
+        $html = "<a href=\"http://test.com\">test</a href>";
+
+        $washer = new rcube_washtml;
+        $washed = $washer->wash($html);
+
+        $this->assertRegExp('|</a>|', $washed, "Invalid closing tag (#1489446)");
+    }
+
 }  | 
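Review bot: The assertion in test_closing_tag_attrs only checks that `</a>` occurs somewhere in the washed output, so it would still pass if the stray `href` text survived elsewhere or if the new third capture group caused the opening tag to lose its attributes. Adding `$this->assertNotRegExp('|</a\s+href|', $washed);` would pin the closing-tag side. Assuming the washer keeps plain http links, `$this->assertRegExp('|<a [^>]*href=|', $washed);` would pin the opening-tag side. A second input with a doubled slash, e.g. `</`+`/a href>` written as `<//a href>`, would also show whether malformed closers with more than one slash are handled. The enclosing test class starts outside the hunk.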
