summaryrefslogtreecommitdiff
path: root/program
diff options
context:
space:
mode:
authorsvncommit <devs@roundcube.net>2006-12-29 10:11:25 +0000
committersvncommit <devs@roundcube.net>2006-12-29 10:11:25 +0000
commit5e98e109b9150f59e119ee30fdfaf6a54d077e9a (patch)
treee05a35b8e0328e62be30ae9d718b82da1099362b /program
parent068f6a4920bc36ab73105c6cafb05479c0673509 (diff)
Fix HTML cleanup (fixes #1484183)
Diffstat (limited to 'program')
-rw-r--r--program/steps/mail/func.inc8
1 files changed, 6 insertions, 2 deletions
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index 257502e15..e12208d46 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -1210,8 +1210,12 @@ function rcmail_mod_html_body($body, $container_id)
}
// replace event handlers on any object
- $body = preg_replace('/\s(on[^=]+)=/im', ' __removed=', $body);
- $body = preg_replace('/\shref=["\']?(javascript:)/im', 'null:', $body);
+ while ($body != $prev_body)
+ {
+ $prev_body = $body;
+ $body = preg_replace('/(<[^!][^>]*?\s)(on\w+?)(=[^>]*?>)/im', '$1__removed=$3', $body);
+ $body = preg_replace('/(<[^!][^>]*?\shref=["\']?)(javascript:)([^>]*?>)/im', '$1null:$3', $body);
+ }
// resolve <base href>
$base_reg = '/(<base.*href=["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)([^<]*>)/i';