banananetwork
/
roundcubemail
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix XSS vulnerability when editing a message "as new" or draft (#1489251) - added HTML content "washing"

Browse Source
pull/100/merge
Aleksander Machniak 11 years ago
parent 9f324e3a1b
commit 93b0a30c1c
2 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File

1
CHANGELOG
Unescape Escape View File

@ -1,6 +1,7 @@
CHANGELOG Roundcube Webmail CHANGELOG Roundcube Webmail
=========================== ===========================
- Fix XSS vulnerability when editing a message "as new" or draft (#1489251)
- Fix downloading binary files with (wrong) text/* content-type (#1489267) - Fix downloading binary files with (wrong) text/* content-type (#1489267)
- Fix rewrite rule in .htaccess (#1489240) - Fix rewrite rule in .htaccess (#1489240)
- Fix detecting Turkish language in ISO-8859-9 encoding (#1489252) - Fix detecting Turkish language in ISO-8859-9 encoding (#1489252)

6
program/steps/mail/compose.inc
Unescape Escape View File

@ -1000,9 +1000,13 @@ function rcmail_create_draft_body($body, $bodyIsHtml)
&& count($MESSAGE->mime_parts) > 0) && count($MESSAGE->mime_parts) > 0)
{ {
$cid_map = rcmail_write_compose_attachments($MESSAGE, $bodyIsHtml); $cid_map = rcmail_write_compose_attachments($MESSAGE, $bodyIsHtml);
}
// clean up html tags - XSS prevention (#1489251)
$body = rcmail_wash_html($body, array('safe' => 1), $cid_map);
// replace cid with href in inline images links // replace cid with href in inline images links
if ($cid_map) if ($cid_map) {
$body = str_replace(array_keys($cid_map), array_values($cid_map), $body); $body = str_replace(array_keys($cid_map), array_values($cid_map), $body);
} }

Write Preview
Loading…
Cancel
Save