summaryrefslogtreecommitdiff
path: root/program
diff options
context:
space:
mode:
authorAleksander Machniak <alec@alec.pl>2014-05-20 19:25:45 +0200
committerAleksander Machniak <alec@alec.pl>2014-05-20 19:25:45 +0200
commit82ed256f6eeba8dce305f3953aa70681351c9bad (patch)
tree98364f351cdf3bd23d9cccc02e1dd1b40ed5420a /program
parent79babb69ab39a6b511d8a776aed6f7642a9eedbd (diff)
Fix incorrect handling of HTML comments in messages sanitization code (#1489904)
Diffstat (limited to 'program')
-rw-r--r--program/lib/Roundcube/rcube_washtml.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/program/lib/Roundcube/rcube_washtml.php b/program/lib/Roundcube/rcube_washtml.php
index e23e5b21d..5f40eecf4 100644
--- a/program/lib/Roundcube/rcube_washtml.php
+++ b/program/lib/Roundcube/rcube_washtml.php
@@ -456,7 +456,7 @@ class rcube_washtml
// Remove invalid HTML comments (#1487759)
// Don't remove valid conditional comments
// Don't remove MSOutlook (<!-->) conditional comments (#1489004)
- $html = preg_replace('/<!--[^->\[\n]+>/', '', $html);
+ $html = preg_replace('/<!--[^-<>\[\n]+>/', '', $html);
// fix broken nested lists
self::fix_broken_lists($html);