diff options
author | Thomas Bruederli <thomas@roundcube.net> | 2013-11-14 19:20:36 +0100 |
---|---|---|
committer | Thomas Bruederli <thomas@roundcube.net> | 2013-11-14 19:20:36 +0100 |
commit | 2af37485965d0fd0a121a0f23f821138ad1a5529 (patch) | |
tree | ef47ce1ae63a89e656c4c91f9678a06c68f23313 /program/steps/mail | |
parent | cf319546617486ecd925efbc16c54885f83ec8ab (diff) |
Clean HTML message body from URL parameters after enabling HTML mode in commit e957bfec
Diffstat (limited to 'program/steps/mail')
-rw-r--r-- | program/steps/mail/compose.inc | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc index 987cdb9a1..f75b219ff 100644 --- a/program/steps/mail/compose.inc +++ b/program/steps/mail/compose.inc @@ -446,6 +446,11 @@ function rcmail_process_compose_params(&$COMPOSE) } } + // clean HTML message body which can be submitted by URL + if ($COMPOSE['param']['body']) { + $COMPOSE['param']['body'] = rcmail_wash_html($COMPOSE['param']['body'], array('safe' => false, 'inline_html' => true), array()); + } + $RCMAIL = rcmail::get_instance(); // select folder where to save the sent message |