From 79e634040d240b9ae2f392fccc3de643035109f9 Mon Sep 17 00:00:00 2001 From: thomascube Date: Fri, 28 Jan 2011 15:19:38 +0000 Subject: Don't block CSS styles having important keywords --- program/include/main.inc | 4 ++-- program/steps/mail/func.inc | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'program') diff --git a/program/include/main.inc b/program/include/main.inc index d79ba2ca4..7f4945692 100644 --- a/program/include/main.inc +++ b/program/include/main.inc @@ -872,8 +872,8 @@ function rcmail_mod_css_styles($source, $container_id) $replacements = new rcube_string_replacer; // ignore the whole block if evil styles are detected - $stripped = preg_replace('/[^a-z\(:]/', '', rcmail_xss_entity_decode($source)); - if (preg_match('/expression|behavior|url\(|import/', $stripped)) + $stripped = preg_replace('/[^a-z\(:;]/', '', rcmail_xss_entity_decode($source)); + if (preg_match('/expression|behavior|url\(|import[^a]/', $stripped)) return '/* evil! */'; // remove css comments (sometimes used for some ugly hacks) diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc index 99f792f79..131a5aa87 100644 --- a/program/steps/mail/func.inc +++ b/program/steps/mail/func.inc @@ -829,10 +829,10 @@ function rcmail_washtml_callback($tagname, $attrib, $content) case 'style': // decode all escaped entities and reduce to ascii strings - $stripped = preg_replace('/[^a-zA-Z\(:]/', '', rcmail_xss_entity_decode($content)); + $stripped = preg_replace('/[^a-zA-Z\(:;]/', '', rcmail_xss_entity_decode($content)); // now check for evil strings like expression, behavior or url() - if (!preg_match('/expression|behavior|url\(|import/', $stripped)) { + if (!preg_match('/expression|behavior|url\(|import[^a]/', $stripped)) { $out = html::tag('style', array('type' => 'text/css'), $content); break; } -- cgit v1.2.3