summaryrefslogtreecommitdiff
path: root/program/lib/Roundcube
diff options
context:
space:
mode:
authorAleksander Machniak <alec@alec.pl>2014-05-20 19:25:45 +0200
committerAleksander Machniak <alec@alec.pl>2014-05-20 19:26:27 +0200
commit2d233bf49c7d1eee76c2d0b9591a4576a99b5e66 (patch)
treef349536aeb05b264e40aecf7c04902ed8b202bbd /program/lib/Roundcube
parent5c8e60d45de9dd2e44ef4fde77ab777ae7f9410f (diff)
Fix incorrect handling of HTML comments in messages sanitization code (#1489904)
Diffstat (limited to 'program/lib/Roundcube')
-rw-r--r--program/lib/Roundcube/rcube_washtml.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/program/lib/Roundcube/rcube_washtml.php b/program/lib/Roundcube/rcube_washtml.php
index e23e5b21d..5f40eecf4 100644
--- a/program/lib/Roundcube/rcube_washtml.php
+++ b/program/lib/Roundcube/rcube_washtml.php
@@ -456,7 +456,7 @@ class rcube_washtml
// Remove invalid HTML comments (#1487759)
// Don't remove valid conditional comments
// Don't remove MSOutlook (<!-->) conditional comments (#1489004)
- $html = preg_replace('/<!--[^->\[\n]+>/', '', $html);
+ $html = preg_replace('/<!--[^-<>\[\n]+>/', '', $html);
// fix broken nested lists
self::fix_broken_lists($html);