diff options
Diffstat (limited to 'program')
-rw-r--r-- | program/lib/Roundcube/html.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/program/lib/Roundcube/html.php b/program/lib/Roundcube/html.php index 0209d1bf2..3aae7cfe7 100644 --- a/program/lib/Roundcube/html.php +++ b/program/lib/Roundcube/html.php @@ -283,11 +283,11 @@ class html continue; } - // ignore not allowed attributes, except data-* + // ignore not allowed attributes, except aria-* and data-* if (!empty($allowed)) { $is_data_attr = @substr_compare($key, 'data-', 0, 5) === 0; $is_aria_attr = @substr_compare($key, 'aria-', 0, 5) === 0; - if (!$is_aria_attr && !isset($allowed_f[$key]) && (!$is_data_attr || !isset($allowed_f['data-*']))) { + if (!$is_aria_attr && !$is_data_attr && !isset($allowed_f[$key])) { continue; } } |