diff options
author | Aleksander Machniak <alec@alec.pl> | 2012-11-21 19:52:03 +0100 |
---|---|---|
committer | Aleksander Machniak <alec@alec.pl> | 2012-11-21 19:52:03 +0100 |
commit | ba6f21caeb405c7e8512a09941fefbc97286e45f (patch) | |
tree | 4a0e8f6fbab3260d37bf85cbf0bc9f506e627678 /program/lib/Roundcube/rcube_content_filter.php | |
parent | f707fec0001d7dc7d46be114c42b37e49a052660 (diff) |
Framework files moved to lib/Roundcube
Diffstat (limited to 'program/lib/Roundcube/rcube_content_filter.php')
-rw-r--r-- | program/lib/Roundcube/rcube_content_filter.php | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/program/lib/Roundcube/rcube_content_filter.php b/program/lib/Roundcube/rcube_content_filter.php new file mode 100644 index 000000000..99916a300 --- /dev/null +++ b/program/lib/Roundcube/rcube_content_filter.php @@ -0,0 +1,60 @@ +<?php + +/* + +-----------------------------------------------------------------------+ + | program/include/rcube_content_filter.php | + | | + | This file is part of the Roundcube Webmail client | + | Copyright (C) 2011, The Roundcube Dev Team | + | | + | Licensed under the GNU General Public License version 3 or | + | any later version with exceptions for skins & plugins. | + | See the README file for a full license statement. | + | | + | PURPOSE: | + | PHP stream filter to detect evil content in mail attachments | + | | + +-----------------------------------------------------------------------+ + | Author: Thomas Bruederli <roundcube@gmail.com> | + +-----------------------------------------------------------------------+ +*/ + +/** + * PHP stream filter to detect html/javascript code in attachments + * + * @package Framework + * @subpackage Core + */ +class rcube_content_filter extends php_user_filter +{ + private $buffer = ''; + private $cutoff = 2048; + + function onCreate() + { + $this->cutoff = rand(2048, 3027); + return true; + } + + function filter($in, $out, &$consumed, $closing) + { + while ($bucket = stream_bucket_make_writeable($in)) { + $this->buffer .= $bucket->data; + + // check for evil content and abort + if (preg_match('/<(script|iframe|object)/i', $this->buffer)) { + return PSFS_ERR_FATAL; + } + + // keep buffer small enough + if (strlen($this->buffer) > 4096) { + $this->buffer = substr($this->buffer, $this->cutoff); + } + + $consumed += $bucket->datalen; + stream_bucket_append($out, $bucket); + } + + return PSFS_PASS_ON; + } +} |