authorsvncommit <devs@roundcube.net>2008-02-13 02:51:05 +0000
committersvncommit <devs@roundcube.net>2008-02-13 02:51:05 +0000
commit2f93b031b2b72ec9be2255c387cae7c7713c2ff7 (patch)
tree76d2942b20d27bc553509c06ac98d216fb984805 /program
parent3d695da299cf236864ee75c02969669831950676 (diff)
condense TinyMCE toolbar down to one line, removing table buttons (#1484747)
fix image removal in message display when message HTML includes JS event handlers
Diffstat (limited to 'program')
-rw-r--r--program/js/editor.js4
-rw-r--r--program/steps/mail/func.inc2
2 files changed, 3 insertions, 3 deletions
diff --git a/program/js/editor.js b/program/js/editor.js
index 919f5d24b..2f58fe0b1 100644
--- a/program/js/editor.js
+++ b/program/js/editor.js
@@ -22,8 +22,8 @@ function rcmail_editor_init(skin_path)
apply_source_formatting : true,
theme : 'advanced',
plugins : 'emotions,media,nonbreaking,table,searchreplace,spellchecker,visualchars',
- theme_advanced_buttons1 : 'bold,italic,underline,strikethrough,separator,justifyleft,justifycenter,justifyright,justifyfull,separator,bullist,numlist,outdent,indent,separator,link,unlink,emotions,forecolor,backcolor,formatselect,fontselect,fontsizeselect',
- theme_advanced_buttons2 : 'undo,redo,image,media,hr,charmap,code,nonbreaking,visualchars,separator,search,replace,spellchecker,separator,tablecontrols',
+ theme_advanced_buttons1 : 'bold,italic,underline,separator,justifyleft,justifycenter,justifyright,justifyfull,separator,bullist,numlist,outdent,indent,separator,emotions,charmap,code,forecolor,backcolor,fontselect,fontsizeselect, separator,undo,redo,image,media',
+ theme_advanced_buttons2 : '',
theme_advanced_buttons3 : '',
theme_advanced_toolbar_location : 'top',
theme_advanced_toolbar_align : 'left',
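Review bot: The new `theme_advanced_buttons1` value contains `fontsizeselect, separator` with a space after the comma, unlike every other entry in the list; whether TinyMCE trims button names is not visible here, so it is safer to write `fontsizeselect,separator,undo,redo,image,media`. The change also drops `link`, `unlink`, `strikethrough`, `formatselect`, `hr` and the search/spellcheck buttons, which the commit message (table buttons only) does not mention. The `plugins` line still loads `table`, `searchreplace`, `spellchecker`, `nonbreaking` and `visualchars` although their buttons are gone; if nothing else relies on them, trimming that list would keep unused editor code out of the compose page.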
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index 2563ec26b..b0d641778 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -988,7 +988,7 @@ function rcmail_sanitize_html($body, $container_id)
while ($body != $prev_body)
{
$prev_body = $body;
- $body = preg_replace('/(<[^!][^>]*\s)(on[^=>]+)=([^>]+>)/im', '$1__removed=$3', $body);
+ $body = preg_replace('/(<[^!][^>]*\s)on(?:load|unload|click|dblclick|mousedown|mouseup|mouseover|mousemove|mouseout|focus|blur|keypress|keydown|keyup|submit|reset|select|change)=([^>]+>)/im', '$1__removed=$2', $body);
$body = preg_replace('/(<[^!][^>]*\shref=["\']?)(javascript:)([^>]*?>)/im', '$1null:$3', $body);
}
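Review bot: Replacing the generic `on[^=>]+` match with a fixed list of handler names turns the first `preg_replace` into a denylist, so any event attribute not named in it (`onerror` and `onabort`, for example, are absent) now passes through unchanged. Because `=` must follow the name directly, an attribute written with whitespace before the `=` is no longer rewritten either; the old pattern covered both cases. If the aim is only to stop ordinary attributes being swallowed by the old greedy match, a narrower fix is to keep the generic form but restrict it to an attribute name, e.g. `'/(<[^!][^>]*\s)on[a-z]+\s*=([^>]+>)/im'` with `'$1__removed=$2'`. Longer term, a parser-based allowlist of permitted attributes is more robust than regex rewriting of untrusted mail HTML. The body of `rcmail_sanitize_html` starts and ends outside the hunk, so any further filtering it applies is not visible here.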