author | Thomas Bruederli <thomas@roundcube.net> | 2013-08-14 23:36:55 +0200 |
---|---|---|
committer | Thomas Bruederli <thomas@roundcube.net> | 2013-08-14 23:36:55 +0200 |
commit | 341fa8b9a6207000d057e00678d96ada6136f783 (patch) | |
tree | f8049ade80bf816e6b9d4d843b6e83a8b132e72a /program/steps/mail/compose.inc | |
parent | 96c4b9098bec7191c708d4e4f96b80b2768a7ef0 (diff) | |
parent | f4ba655a41bad1d2f833e36dd3fbe7cb2a5582ee (diff) |
Merge branch 'release-0.9' of github.com:roundcube/roundcubemail into release-0.9
Diffstat (limited to 'program/steps/mail/compose.inc')
-rw-r--r-- | program/steps/mail/compose.inc | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index 73a7f34ac..fb76b9abb 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -198,7 +198,10 @@ if (!empty($msg_uid) && empty($COMPOSE['as_attachment']))
     if (!empty($MESSAGE->headers->charset))
       $RCMAIL->storage->set_charset($MESSAGE->headers->charset);
-    if ($compose_mode == RCUBE_COMPOSE_REPLY) {
+    if (!$MESSAGE->headers) {
+      // error
+    }
+    else if ($compose_mode == RCUBE_COMPOSE_REPLY) {
       $COMPOSE['reply_uid'] = $msg_uid;
       $COMPOSE['reply_msgid'] = $MESSAGE->headers->messageID;
       $COMPOSE['references'] = trim($MESSAGE->headers->references . " " . $MESSAGE->headers->messageID);
@@ -980,10 +983,19 @@ function rcmail_create_draft_body($body, $bodyIsHtml)
     && count($MESSAGE->mime_parts) > 0)
   {
     $cid_map = rcmail_write_compose_attachments($MESSAGE, $bodyIsHtml);
+  }
+
+  // clean up HTML tags - XSS prevention (#1489251)
+  if ($bodyIsHtml) {
+    $body = rcmail_wash_html($body, array('safe' => 1), $cid_map);
+
+    // remove comments (produced by washtml)
+    $body = preg_replace('/<!--[^>]+-->/', '', $body);
     // replace cid with href in inline images links
-    if ($cid_map)
+    if (!empty($cid_map)) {
       $body = str_replace(array_keys($cid_map), array_values($cid_map), $body);
+    }
   }
   return $body;
|
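Review bot: The new `if (!$MESSAGE->headers)` branch is empty apart from the placeholder `// error`, so a message that could not be loaded is silently skipped and execution continues past this if/else chain with `$MESSAGE->headers` unset for whatever follows outside the hunk. At minimum the comment should say what is intended, e.g. `// message could not be fetched from storage; no reply/forward context is recorded`, and the branch should end the compose flow with a user-visible error rather than fall through (the error-reporting mechanism the rest of the file uses is not visible here). Note also that the `!empty($MESSAGE->headers->charset)` guard two lines earlier tolerates a missing `headers` only because `empty()` suppresses the notice; moving the new headers check ahead of it would make the order of checks explicit. The enclosing `if (!empty($msg_uid) && empty($COMPOSE['as_attachment']))` block starts and ends outside the hunk.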
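Review bot: `$cid_map` is assigned only inside the `count($MESSAGE->mime_parts) > 0` branch, yet the new `rcmail_wash_html($body, array('safe' => 1), $cid_map)` call reads it unconditionally, so a draft with no attachments passes an undefined variable (a PHP notice unless that parameter is taken by reference, which cannot be seen here); initialising `$cid_map = array();` at the top of `rcmail_create_draft_body`, above the hunk, removes the ambiguity and makes the later `!empty($cid_map)` the only check needed. The comment-stripping regex `/<!--[^>]+-->/` matches only comments containing no `>`, which covers the markers washtml emits but leaves any other comment untouched; if the intent is to drop all comments, `/<!--.*?-->/s` is the robust form. The `// clean up HTML tags` comment would also benefit from stating why the wash happens at draft-body creation rather than at display time — presumably because this body is handed back to the editor as trusted markup — so the next maintainer does not remove it. `rcmail_create_draft_body` begins before the hunk.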