summaryrefslogtreecommitdiff
path: root/program
diff options
context:
space:
mode:
authorAleksander Machniak <alec@alec.pl>2013-08-01 14:49:55 +0200
committerAleksander Machniak <alec@alec.pl>2013-08-01 14:54:17 +0200
commit276ea5fcaec2e9fd79a5c1d90ab78104252b35b5 (patch)
tree7f00998fd55fd95c5ca93cd5359dd4badf903fee /program
parenta67ad15d2f0b2f2e8aec9e5f0cff07f48447f287 (diff)
Fix XSS vulnerability when editing a message "as new" or draft (#1489251) - added HTML content "washing"
Conflicts: CHANGELOG
Diffstat (limited to 'program')
-rw-r--r--program/steps/mail/compose.inc10
1 files changed, 7 insertions, 3 deletions
diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index 73a7f34ac..5d588ab51 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -980,10 +980,14 @@ function rcmail_create_draft_body($body, $bodyIsHtml)
&& count($MESSAGE->mime_parts) > 0)
{
$cid_map = rcmail_write_compose_attachments($MESSAGE, $bodyIsHtml);
+ }
+
+ // clean up html tags - XSS prevention (#1489251)
+ $body = rcmail_wash_html($body, array('safe' => 1), $cid_map);
- // replace cid with href in inline images links
- if ($cid_map)
- $body = str_replace(array_keys($cid_map), array_values($cid_map), $body);
+ // replace cid with href in inline images links
+ if ($cid_map) {
+ $body = str_replace(array_keys($cid_map), array_values($cid_map), $body);
}
return $body;