summaryrefslogtreecommitdiff
path: root/program
diff options
context:
space:
mode:
authorAleksander Machniak <alec@alec.pl>2013-08-01 14:49:55 +0200
committerAleksander Machniak <alec@alec.pl>2013-08-01 14:49:55 +0200
commit93b0a30c1c8aa29d862b587b31e52bcc344b8d16 (patch)
tree0eae27915d0c4054aaf80e59a26f9eccf16ae678 /program
parent9f324e3a1bf3ddac141015746bd015df7e0ee853 (diff)
Fix XSS vulnerability when editing a message "as new" or draft (#1489251) - added HTML content "washing"
Diffstat (limited to 'program')
-rw-r--r--program/steps/mail/compose.inc10
1 files changed, 7 insertions, 3 deletions
diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index 2330bc040..590d9c27f 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -1000,10 +1000,14 @@ function rcmail_create_draft_body($body, $bodyIsHtml)
&& count($MESSAGE->mime_parts) > 0)
{
$cid_map = rcmail_write_compose_attachments($MESSAGE, $bodyIsHtml);
+ }
+
+ // clean up html tags - XSS prevention (#1489251)
+ $body = rcmail_wash_html($body, array('safe' => 1), $cid_map);
- // replace cid with href in inline images links
- if ($cid_map)
- $body = str_replace(array_keys($cid_map), array_values($cid_map), $body);
+ // replace cid with href in inline images links
+ if ($cid_map) {
+ $body = str_replace(array_keys($cid_map), array_values($cid_map), $body);
}
return $body;