From 7dc7eb19f101203a508863d440e184fa7c6e9444 Mon Sep 17 00:00:00 2001 From: Aleksander Machniak Date: Thu, 21 Jun 2012 17:31:27 +0200 Subject: Fixed custom header name validity check, made RFC2822-compliant Updated localization files list in package.xml --- plugins/managesieve/managesieve.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'plugins/managesieve/managesieve.php') diff --git a/plugins/managesieve/managesieve.php b/plugins/managesieve/managesieve.php index 486b3fb1d..70ef5f597 100644 --- a/plugins/managesieve/managesieve.php +++ b/plugins/managesieve/managesieve.php @@ -707,9 +707,12 @@ class managesieve extends rcube_plugin if (!count($headers)) $this->errors['tests'][$i]['header'] = $this->gettext('cannotbeempty'); else { - foreach ($headers as $hr) - if (!preg_match('/^[a-z0-9-]+$/i', $hr)) + foreach ($headers as $hr) { + // RFC2822: printable ASCII except colon + if (!preg_match('/^[\x21-\x39\x41-\x7E]+$/i', $hr)) { $this->errors['tests'][$i]['header'] = $this->gettext('forbiddenchars'); + } + } } if (empty($this->errors['tests'][$i]['header'])) -- cgit v1.2.3