summaryrefslogtreecommitdiff
path: root/program
diff options
context:
space:
mode:
Diffstat (limited to 'program')
-rw-r--r--program/include/rcube_message.php4
1 files changed, 3 insertions, 1 deletions
diff --git a/program/include/rcube_message.php b/program/include/rcube_message.php
index ec1359c86..89d65eb1e 100644
--- a/program/include/rcube_message.php
+++ b/program/include/rcube_message.php
@@ -448,7 +448,9 @@ class rcube_message
}
// part is a file/attachment
else if (preg_match('/^(inline|attach)/', $mail_part->disposition) ||
- $mail_part->headers['content-id'] || (empty($mail_part->disposition) && $mail_part->filename)
+ $mail_part->headers['content-id'] ||
+ ($mail_part->filename &&
+ (empty($mail_part->disposition) || preg_match('/^[a-z0-9!#$&.+^_-]+$/i', $mail_part->disposition)))
) {
// skip apple resource forks
if ($message_ctype_secondary == 'appledouble' && $secondary_type == 'applefile')