summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGELOG1
-rw-r--r--program/include/rcube_message.php5
-rw-r--r--program/steps/mail/compose.inc20
3 files changed, 21 insertions, 5 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 6ce469cd5..9f8464c5f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG Roundcube Webmail
===========================
+- Fix handling of text/enriched content on message reply/forward/edit
- Fix XSS vulnerability in handling of text/enriched messages (#1488806)
- Fix handling of 'media' attribute on linked css (#1488789)
- Fix excessive LFs at the end of composed message with top_posting=true (#1488797)
diff --git a/program/include/rcube_message.php b/program/include/rcube_message.php
index 9b8484c15..74bf4574f 100644
--- a/program/include/rcube_message.php
+++ b/program/include/rcube_message.php
@@ -198,14 +198,15 @@ class rcube_message
* Determine if the message contains a HTML part
*
* @param bool $recursive Enables checking in all levels of the structure
+ * @param bool $enriched Enables checking for text/enriched parts too
*
* @return bool True if a HTML is available, False if not
*/
- function has_html_part($recursive = true)
+ function has_html_part($recursive = true, $enriched = false)
{
// check all message parts
foreach ($this->parts as $part) {
- if ($part->mimetype == 'text/html') {
+ if ($part->mimetype == 'text/html' || ($enriched && $part->mimetype == 'text/enriched')) {
// Level check, we'll skip e.g. HTML attachments
if (!$recursive) {
$level = explode('.', $part->mime_id);
diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index 87a06e10d..ffc1c7518 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -611,13 +611,13 @@ function rcmail_compose_editor_mode()
$useHtml = !empty($_POST['_is_html']);
}
else if ($compose_mode == RCUBE_COMPOSE_DRAFT || $compose_mode == RCUBE_COMPOSE_EDIT) {
- $useHtml = $MESSAGE->has_html_part(false);
+ $useHtml = $MESSAGE->has_html_part(false, true);
}
else if ($compose_mode == RCUBE_COMPOSE_REPLY) {
- $useHtml = ($html_editor == 1 || ($html_editor >= 2 && $MESSAGE->has_html_part(false)));
+ $useHtml = ($html_editor == 1 || ($html_editor >= 2 && $MESSAGE->has_html_part(false, true)));
}
else if ($compose_mode == RCUBE_COMPOSE_FORWARD) {
- $useHtml = ($html_editor == 1 || ($html_editor == 3 && $MESSAGE->has_html_part(false)));
+ $useHtml = ($html_editor == 1 || ($html_editor == 3 && $MESSAGE->has_html_part(false, true)));
}
else {
$useHtml = ($html_editor == 1);
@@ -730,6 +730,10 @@ function rcmail_compose_part_body($part, $isHtml = false)
if ($isHtml) {
if ($part->ctype_secondary == 'html') {
}
+ else if ($part->ctype_secondary == 'enriched') {
+ require_once(INSTALL_PATH . 'program/lib/enriched.inc');
+ $body = enriched_to_html($body);
+ }
else {
// try to remove the signature
if ($RCMAIL->config->get('strip_existing_sig', true)) {
@@ -743,6 +747,12 @@ function rcmail_compose_part_body($part, $isHtml = false)
}
}
else {
+ if ($part->ctype_secondary == 'enriched') {
+ require_once(INSTALL_PATH . 'program/lib/enriched.inc');
+ $body = enriched_to_html($body);
+ $part->ctype_secondary = 'html';
+ }
+
if ($part->ctype_secondary == 'html') {
// use html part if it has been used for message (pre)viewing
// decrease line length for quoting
@@ -750,6 +760,10 @@ function rcmail_compose_part_body($part, $isHtml = false)
$txt = new html2text($body, false, true, $len);
$body = $txt->get_text();
}
+ else if ($part->ctype_secondary == 'enriched') {
+ require_once(INSTALL_PATH . 'program/lib/enriched.inc');
+ $body = enriched_to_html($body);
+ }
else {
if ($part->ctype_secondary == 'plain' && $part->ctype_parameters['format'] == 'flowed') {
$body = rcube_mime::unfold_flowed($body);