diff options
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | program/steps/mail/compose.inc | 1 | ||||
-rw-r--r-- | program/steps/settings/edit_identity.inc | 2 |
3 files changed, 4 insertions, 0 deletions
@@ -1,6 +1,7 @@ CHANGELOG Roundcube Webmail =========================== +- Fix HTML entities handling in HTML editor (#1488483) - Fix listing shared folders on Courier IMAP (#1488466) - Fix issue where draft auto-save wasn't executed after some inactivity time - Add vCard import from multiple files at once (#1488015) diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc index c0a5bf7bc..47d97faad 100644 --- a/program/steps/mail/compose.inc +++ b/program/steps/mail/compose.inc @@ -770,6 +770,7 @@ function rcmail_compose_body($attrib) // If desired, set this textarea to be editable by TinyMCE if ($isHtml) { + $MESSAGE_BODY = htmlentities($MESSAGE_BODY, ENT_NOQUOTES, RCMAIL_CHARSET); $attrib['class'] = 'mce_editor'; $textarea = new html_textarea($attrib); $out .= $textarea->show($MESSAGE_BODY); diff --git a/program/steps/settings/edit_identity.inc b/program/steps/settings/edit_identity.inc index f594525e1..c3ac4688f 100644 --- a/program/steps/settings/edit_identity.inc +++ b/program/steps/settings/edit_identity.inc @@ -91,6 +91,8 @@ function rcube_identity_form($attrib) $form['signature']['content']['signature']['class'] = 'mce_editor'; } + $IDENTITY_RECORD['signature'] = htmlentities($IDENTITY_RECORD['signature'], ENT_NOQUOTES, RCMAIL_CHARSET); + // disable some field according to access level if (IDENTITIES_LEVEL == 1 || IDENTITIES_LEVEL == 3) { $form['addressing']['content']['email']['disabled'] = true; |