summaryrefslogtreecommitdiff
path: root/program/lib/washtml.php
AgeCommit message (Expand)Author
2012-11-13Fix handling of 'media' attribute on linked css (#1488789)Aleksander Machniak
2012-11-08Fix AREA links handling (#1488792)Aleksander Machniak
2012-08-15Fix XSS issue with href="javascript:" not being removed (#1488613)Aleksander Machniak
2012-06-13Fix handling of unitless CSS size values in HTML message (#1488535)Aleksander Machniak
2012-06-08Fix handling of links with various URI schemes e.g. "skype:" (#1488106)Aleksander Machniak
2012-05-12Fix handling of "usemap" attribute (#1488472)Aleksander Machniak
2012-05-12Fix handling of some HTML tags e.g. IMG (#1488471) - reworked fix for #1486812Aleksander Machniak
2011-12-22Accept absolute urls without protocolthomascube
2011-12-10Be more strict in style attribute filteringthomascube
2011-12-09Allow clean background:url(...) styles in safe mode. This will make Roundcube...thomascube
2011-11-30- Fix handling of empty <U> tags in HTML messages (#1488225)alecpl
2011-11-15- Fix washing styles with quoted values e.g. font-familyalecpl
2011-11-15- Fix handling of HTML form elements in messages (#1485137)alecpl
2011-05-16- Fix invalid comments handling (see example message in #1487915)alecpl
2011-04-19- Fix regression in html conditional comments handling by washtml classalecpl
2011-02-09Fix stripping invalid comments. Changes from r4483 also stripped entire CSS b...thomascube
2011-02-03- Fix handling of invalid HTML comments in messages (#1487759)alecpl
2010-12-23- Don't return empty I and B tags in short formalecpl
2010-08-03- Don't allow short form of empty <strong> tagalecpl
2010-06-23- Improve parsing of styled empty tags in HTML messages (#1486812)alecpl
2010-06-07- Fix RFC2397 handling in wash_style()alecpl
2010-05-27- support base URL for inline imagesalecpl
2010-05-22- Add support for data URI scheme [RFC2397] (#1486740)alecpl
2010-04-21- fix <span>0</span> (#1486645)alecpl
2010-02-28- Fix invalid font tags which cause HTML message rendering problems (#1486521)alecpl
2009-11-03- fix empty A tag handling (#1486272)alecpl
2009-08-19Added # to washtml's regex for safe links (some list digests have tables of c...svncommit
2009-07-31better solution for HTML washing encoding issuesvncommit
2009-07-30fix washing of HTML encoded in something other than UTF-8svncommit
2009-07-28- Fix displaying of HTML messages with unknown/malformed tags (#1486003)alecpl
2009-07-17- Fix HTML messages output with empty block elements (#1485974)alecpl
2009-07-03- Allow WBR tag in HTML message (#1485960)alecpl
2009-01-20Treat 'background' attributes the same way as 'src' (another XSS vulnerability)thomascube
2008-09-17- Smart Tags and NOBR tag support in html messages (#1485363, #1485327)alecpl
2008-09-16Allow content of HTML head sections to be processesthomascube
2008-09-05Respect Content-Location headers in multipart/related messages (#1484946)thomascube
2008-07-22Reverted r1607. See #1485137 for explanationsthomascube
2008-07-22#1485137: added 'form' to allowed elements listalecpl
2008-07-22Improve HTML sanitization with washtmlthomascube
2008-06-15#1485097: Re-enable background attribute in HTML messagesalecpl
2008-06-07Change meta-charset specififcation in HTML to UTF-8; no need for mb_convert_e...thomascube
2008-06-04Allow <body> tag in HTML messages which will be converted to <div class='rcmB...thomascube
2008-06-04Chech for mb_convert_encoding first because mbstring is optional for RoundCub...thomascube
2008-06-03-add convert encoding before html parsingalecpl
2008-05-29Replace our crappy html sanitization with the dom-based washtml script + fix ...thomascube
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-09 16:12:42 +0000