Thomas Bruederli
|
fb43d2e608
|
Escape textarea contents in Washtml
|
7 years ago |
Aleksander Machniak
|
1568bd9e04
|
Fix bug where external content in src attribute of input/video tags was not secured (#5583)
|
8 years ago |
Aleksander Machniak
|
fcf1a988a1
|
Wash position:fixed style in HTML mail for better security (#5264)
|
8 years ago |
Aleksander Machniak
|
12b7d5f1b5
|
Fix XSS issue in href attribute on area tag (#5240, #5241)
|
9 years ago |
Aleksander Machniak
|
ed1d212ae2
|
Improved SVG cleanup code
|
9 years ago |
Aleksander Machniak
|
9234903287
|
Fix HTML sanitizer to skip <!-- node type X --> in output (#1490583)
|
9 years ago |
Aleksander Machniak
|
f4c512336d
|
Fix "washing" of style elements wrapped into many lines
|
9 years ago |
Aleksander Machniak
|
786aa0725e
|
Fix XSS issue in style attribute handling (#1490227)
|
10 years ago |
Aleksander Machniak
|
5bf83d551e
|
Fix unintentional line-height style modification in HTML messages (#1489917)
|
11 years ago |
Aleksander Machniak
|
82ed256f6e
|
Fix incorrect handling of HTML comments in messages sanitization code (#1489904)
|
11 years ago |
Aleksander Machniak
|
f96fec6b8c
|
Fix "washing" of unicoded style attributes (#1489777)
|
11 years ago |
Aleksander Machniak
|
5e3ee8418e
|
Add test case for #1489777
|
11 years ago |
Aleksander Machniak
|
68cf8f19d2
|
Add some tests
|
11 years ago |
Aleksander Machniak
|
c7250749ab
|
Fix issue where deprecated syntax for HTML lists was not handled properly (#1488768)
|
11 years ago |
Aleksander Machniak
|
ffec857b69
|
Fix handling of invalid closing tags in HTML messages (#1489446)
|
11 years ago |
Aleksander Machniak
|
cb3e2fe0c2
|
Fix displaying messages with invalid self-closing HTML tags (#1489137)
|
12 years ago |
Aleksander Machniak
|
f773259412
|
Fix washtml test after "unsupported node type" fix
|
12 years ago |
Aleksander Machniak
|
1e2468e4b9
|
Added two tests for HTML comments handling in rcube_washtml class
|
12 years ago |
Aleksander Machniak
|
1f910cb50d
|
Fix handling link href attribute value with (valid) newline characters (#1488940)
|
12 years ago |
Aleksander Machniak
|
7ac94421bf
|
Move washtml class into Roundcube Framework (rcube_washtml), add some improvements
|
12 years ago |