summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Bruederli <thomas@roundcube.net>2013-11-14 19:20:36 +0100
committerThomas Bruederli <thomas@roundcube.net>2013-11-14 19:20:36 +0100
commit2af37485965d0fd0a121a0f23f821138ad1a5529 (patch)
treeef47ce1ae63a89e656c4c91f9678a06c68f23313
parentcf319546617486ecd925efbc16c54885f83ec8ab (diff)
Clean HTML message body from URL parameters after enabling HTML mode in commit e957bfec
-rw-r--r--program/steps/mail/compose.inc5
1 files changed, 5 insertions, 0 deletions
diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index 987cdb9a1..f75b219ff 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -446,6 +446,11 @@ function rcmail_process_compose_params(&$COMPOSE)
}
}
+ // clean HTML message body which can be submitted by URL
+ if ($COMPOSE['param']['body']) {
+ $COMPOSE['param']['body'] = rcmail_wash_html($COMPOSE['param']['body'], array('safe' => false, 'inline_html' => true), array());
+ }
+
$RCMAIL = rcmail::get_instance();
// select folder where to save the sent message