summaryrefslogtreecommitdiff
path: root/program/lib/washtml.php
AgeCommit message (Collapse)Author
2011-12-10Backported CSS sanitization (r5586:r5590)thomascube
2011-11-30- Applied fixes from trunk up to r5512alecpl
2011-11-16- Apply fixes from trunk up to r5433alecpl
2011-05-16- Fix invalid comments handling (see example message in #1487915)alecpl
2011-04-19- Fix regression in html conditional comments handling by washtml classalecpl
2011-02-09Fix stripping invalid comments. Changes from r4483 also stripped entire CSS ↵thomascube
blocks packed in comments
2011-02-03- Fix handling of invalid HTML comments in messages (#1487759)alecpl
2010-12-23- Don't return empty I and B tags in short formalecpl
2010-08-03- Don't allow short form of empty <strong> tagalecpl
2010-06-23- Improve parsing of styled empty tags in HTML messages (#1486812)alecpl
2010-06-07- Fix RFC2397 handling in wash_style()alecpl
2010-05-27- support base URL for inline imagesalecpl
2010-05-22- Add support for data URI scheme [RFC2397] (#1486740)alecpl
2010-04-21- fix <span>0</span> (#1486645)alecpl
2010-02-28- Fix invalid font tags which cause HTML message rendering problems (#1486521)alecpl
2009-11-03- fix empty A tag handling (#1486272)alecpl
2009-08-19Added # to washtml's regex for safe links (some list digests have tables of ↵svncommit
contents that use internal links).
2009-07-31better solution for HTML washing encoding issuesvncommit
2009-07-30fix washing of HTML encoded in something other than UTF-8svncommit
2009-07-28- Fix displaying of HTML messages with unknown/malformed tags (#1486003)alecpl
- Some other changes for styled HTML display
2009-07-17- Fix HTML messages output with empty block elements (#1485974)alecpl
2009-07-03- Allow WBR tag in HTML message (#1485960)alecpl
2009-01-20Treat 'background' attributes the same way as 'src' (another XSS vulnerability)thomascube
2008-09-17- Smart Tags and NOBR tag support in html messages (#1485363, #1485327)alecpl
2008-09-16Allow content of HTML head sections to be processesthomascube
2008-09-05Respect Content-Location headers in multipart/related messages (#1484946)thomascube
2008-07-22Reverted r1607. See #1485137 for explanationsthomascube
2008-07-22#1485137: added 'form' to allowed elements listalecpl
2008-07-22Improve HTML sanitization with washtmlthomascube
2008-06-15#1485097: Re-enable background attribute in HTML messagesalecpl
2008-06-07Change meta-charset specififcation in HTML to UTF-8; no need for ↵thomascube
mb_convert_encoding() anymore
2008-06-04Allow <body> tag in HTML messages which will be converted to <div ↵thomascube
class='rcmBody'>
2008-06-04Chech for mb_convert_encoding first because mbstring is optional for ↵thomascube
RoundCube + add some phpdoc
2008-06-03-add convert encoding before html parsingalecpl
2008-05-29Replace our crappy html sanitization with the dom-based washtml script + fix ↵thomascube
inline message parts + remove old code + add some doc comments