banananetwork
/
roundcubemail
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix HTML sanitizer to skip <!-- node type X --> in output (#1490583)

Browse Source
pull/306/head
Aleksander Machniak 9 years ago
parent 3b0318ca3e
commit 9234903287
3 changed files with 7 additions and 11 deletions
Show Stats Download Patch File Download Diff File

1
CHANGELOG
Unescape Escape View File

@ -48,6 +48,7 @@ CHANGELOG Roundcube Webmail
- Fix bug where HTML messages with invalid/excessive css styles couldn't be displayed (#1490539) - Fix bug where HTML messages with invalid/excessive css styles couldn't be displayed (#1490539)
- Fix redundant blank lines when using HTML and top posting (#1490576) - Fix redundant blank lines when using HTML and top posting (#1490576)
- Fix redundant blank lines on start of text after html to text conversion (#1490577) - Fix redundant blank lines on start of text after html to text conversion (#1490577)
- Fix HTML sanitizer to skip <!-- node type X --> in output (#1490583)
RELEASE 1.1.3 RELEASE 1.1.3
------------- -------------

11
program/lib/Roundcube/rcube_washtml.php
Unescape Escape View File

@ -313,7 +313,7 @@ class rcube_washtml
$dump = ''; $dump = '';
do { do {
switch($node->nodeType) { switch ($node->nodeType) {
case XML_ELEMENT_NODE: //Check element case XML_ELEMENT_NODE: //Check element
$tagName = strtolower($node->tagName); $tagName = strtolower($node->tagName);
if ($callback = $this->handlers[$tagName]) { if ($callback = $this->handlers[$tagName]) {
@ -345,14 +345,9 @@ class rcube_washtml
case XML_HTML_DOCUMENT_NODE: case XML_HTML_DOCUMENT_NODE:
$dump .= $this->dumpHtml($node, $level); $dump .= $this->dumpHtml($node, $level);
break; break;
case XML_DOCUMENT_TYPE_NODE:
break;
default:
$dump .= '<!-- node type ' . $node->nodeType . ' -->';
} }
} while($node = $node->nextSibling); }
while($node = $node->nextSibling);
return $dump; return $dump;
} }

6
tests/Framework/Washtml.php
Unescape Escape View File

@ -47,7 +47,7 @@ class Framework_Washtml extends PHPUnit_Framework_TestCase
$html = "<!--[if gte mso 10]><p>p1</p><!--><p>p2</p>"; $html = "<!--[if gte mso 10]><p>p1</p><!--><p>p2</p>";
$washed = $washer->wash($html); $washed = $washer->wash($html);
$this->assertEquals('<!-- node type 8 --><!-- html ignored --><!-- body ignored --><p>p2</p>', $washed, "HTML conditional comments (#1489004)"); $this->assertEquals('<!-- html ignored --><!-- body ignored --><p>p2</p>', $washed, "HTML conditional comments (#1489004)");
$html = "<!--TestCommentInvalid><p>test</p>"; $html = "<!--TestCommentInvalid><p>test</p>";
$washed = $washer->wash($html); $washed = $washer->wash($html);
@ -57,12 +57,12 @@ class Framework_Washtml extends PHPUnit_Framework_TestCase
$html = "<p>para1</p><!-- comment --><p>para2</p>"; $html = "<p>para1</p><!-- comment --><p>para2</p>";
$washed = $washer->wash($html); $washed = $washer->wash($html);
$this->assertEquals('<!-- html ignored --><!-- body ignored --><p>para1</p><!-- node type 8 --><p>para2</p>', $washed, "HTML comments - simple comment"); $this->assertEquals('<!-- html ignored --><!-- body ignored --><p>para1</p><p>para2</p>', $washed, "HTML comments - simple comment");
$html = "<p>para1</p><!-- <hr> comment --><p>para2</p>"; $html = "<p>para1</p><!-- <hr> comment --><p>para2</p>";
$washed = $washer->wash($html); $washed = $washer->wash($html);
$this->assertEquals('<!-- html ignored --><!-- body ignored --><p>para1</p><!-- node type 8 --><p>para2</p>', $washed, "HTML comments - tags inside (#1489904)"); $this->assertEquals('<!-- html ignored --><!-- body ignored --><p>para1</p><p>para2</p>', $washed, "HTML comments - tags inside (#1489904)");
} }
/** /**

Write Preview
Loading…
Cancel
Save