diff options
author | Aleksander Machniak <alec@alec.pl> | 2014-05-20 19:25:45 +0200 |
---|---|---|
committer | Aleksander Machniak <alec@alec.pl> | 2014-05-20 19:25:45 +0200 |
commit | 82ed256f6eeba8dce305f3953aa70681351c9bad (patch) | |
tree | 98364f351cdf3bd23d9cccc02e1dd1b40ed5420a /program | |
parent | 79babb69ab39a6b511d8a776aed6f7642a9eedbd (diff) |
Fix incorrect handling of HTML comments in messages sanitization code (#1489904)
Diffstat (limited to 'program')
-rw-r--r-- | program/lib/Roundcube/rcube_washtml.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/program/lib/Roundcube/rcube_washtml.php b/program/lib/Roundcube/rcube_washtml.php index e23e5b21d..5f40eecf4 100644 --- a/program/lib/Roundcube/rcube_washtml.php +++ b/program/lib/Roundcube/rcube_washtml.php @@ -456,7 +456,7 @@ class rcube_washtml // Remove invalid HTML comments (#1487759) // Don't remove valid conditional comments // Don't remove MSOutlook (<!-->) conditional comments (#1489004) - $html = preg_replace('/<!--[^->\[\n]+>/', '', $html); + $html = preg_replace('/<!--[^-<>\[\n]+>/', '', $html); // fix broken nested lists self::fix_broken_lists($html); |