Aleksander Machniak
5d16751ed8
Fix (again) bug where image data URIs in css style were treated as evil/remote in mail preview ( #5580 )
7 years ago
Thomas Bruederli
919338d4ba
Escape textarea contents in Washtml
7 years ago
Aleksander Machniak
21e7d873ce
Fix so links over images are not removed in plain text signatures converted from HTML ( #4473 )
8 years ago
Aleksander Machniak
1fcf7bfab3
Fix bug where HTML messages with @media styles could moddify style of page body ( #5811 )
8 years ago
Aleksander Machniak
8f22c3287d
Fix bug where comment notation within style tag would cause the whole style to be ignored ( #5747 )
8 years ago
Aleksander Machniak
ce61c8210e
Added test for rcube_db::parse_dsn()
8 years ago
dfukagaw28
89a4134064
Add support for DelSp=Yes messages ( #5702 )
8 years ago
Thomas Bruederli
522565b400
Add tests for XSS vulnerabilities in style tags
8 years ago
Shin Kojima
0b385dc946
Skip iconv for problematic ISO-2022-JP strings ( #5668 )
...
We sometimes get broken character encodings such as:
Subject: =?iso-2022-jp?B?GyRCLWo7M3l1OSk2SBsoQgo=?=
This actually is not a strict ISO-2022-JP string, but a CP50220 string
that is a variant of ISO-2022-JP with extended characters proposed by
Microsoft. Iconv can not handle these encodings well.
8 years ago
Aleksander Machniak
e08f22ef28
Fix bug where external content in src attribute of input/video tags was not secured ( #5583 )
8 years ago
Aleksander Machniak
7340360e79
Fix bug where image data URIs in css style were treated as evil/remote in mail preview ( #5580 )
8 years ago
JohnDoh
dd714b33a8
replace old trac links ( #5514 )
8 years ago
Aleksander Machniak
94f8ce3334
Make html::parse_attrib_string() more robust
...
Fixes PHP Error: Expression parse error on: ($app->config->get('preview_pane',rcube_utils::get_boolean('')) == true ? ' checked=checked' : ')
8 years ago
Aleksander Machniak
dcabc1d814
Merge remote-tracking branch 'upstream/master'
...
Conflicts:
tests/Framework/Washtml.php
8 years ago
Aleksander Machniak
906cf101c3
Better time handling in rcube_utils::clean_datestr()
8 years ago
Aleksander Machniak
ed35267b9b
Managesieve: Fix parsing of vacation date-time with non-default date_format ( #5372 )
...
Added new method rcube_utils::format_datestr() to convert date_format date
into ISO date format.
8 years ago
Aleksander Machniak
d91bad5975
Fix handling of blockquote tags with mixed case on html2text conversion ( #5363 )
8 years ago
Aleksander Machniak
bf5b3072c4
Fix MathML test on older PHP versions
8 years ago
Aleksander Machniak
edfd9da42a
Support MathML in HTML message preview ( #5182 )
8 years ago
Aleksander Machniak
6737e293bb
Wash position:fixed style in HTML mail for better security ( #5264 )
9 years ago
Aleksander Machniak
afd090672c
Small performance optimization
9 years ago
Aleksander Machniak
ca9ad75d96
Add some more tests for HREF attribute washing
9 years ago
Aleksander Machniak
6652367d65
Fix XSS issue in href attribute on area tag ( #5240 , #5241 )
9 years ago
Aleksander Machniak
a0f38f5fd8
Small code style improvements
9 years ago
Aleksander Machniak
e8ab3d96bd
Fix converting mail addresses with @www. into mailto links ( #5197 )
9 years ago
Aleksander Machniak
ed1d212ae2
Improved SVG cleanup code
9 years ago
Aleksander Machniak
cbe701ac4a
Fix rcube_utils::words_match() to work with mixed/invalid/binary content (T844)
9 years ago
Aleksander Machniak
9234903287
Fix HTML sanitizer to skip <!-- node type X --> in output ( #1490583 )
9 years ago
Aleksander Machniak
26086981a2
Improve randomness of security tokens ( #1490529 )
9 years ago
Aleksander Machniak
7a42173a16
Simplify rcube_utils::check_ip()
9 years ago
Aleksander Machniak
f4c512336d
Fix "washing" of style elements wrapped into many lines
9 years ago
Aleksander Machniak
1b39d9a6c7
PHP7: Fixed some E_WARNING errors that previously were E_STRICT
9 years ago
Aleksander Machniak
2d73205ec8
Skip rcube_ldap_generic test if Net_LDAP3 is not available
9 years ago
Aleksander Machniak
8447bae77c
Require Mbstring and OpenSSL extensions ( #1490415 ) - remove redundant code
10 years ago
Aleksander Machniak
f7427f151e
Get rid of Mail_mimeDecode package dependency ( #1490416 )
10 years ago
Aleksander Machniak
25c8fe4eeb
Fix handling of non-break spaces in html to text conversion ( #1490436 )
10 years ago
Aleksander Machniak
ff40683404
Fix so links with href == content aren't added to links list on html to text conversion ( #1490434 )
10 years ago
Thomas Bruederli
7eefdc8149
Adapt charset cleanup tests to pass with different versions of iconv propucing slightyl different output
10 years ago
Aleksander Machniak
3994b3a26c
Installer: Use openssl_random_pseudo_bytes() (if available) to generate des_key ( #1490402 )
10 years ago
Thomas Bruederli
0bfc862283
Specify test groups for inclusion/exclusion
10 years ago
Aleksander Machniak
c4ad7edd53
Fix font artifacts in text2html conversion ( #1490353 )
...
Use white-space:nowrap elements instead of unicode word-joiner character
10 years ago
Aleksander Machniak
389f70996c
Skip some tests on PHP 5.3.3
10 years ago
Aleksander Machniak
f7565da34b
Add some more tests for rcube_charset::clean()
10 years ago
Aleksander Machniak
eb58b6c537
Fix failing rcube_utils::strtotime() test if system timezone was different than expected
10 years ago
Aleksander Machniak
d86ff98339
Fix font artifact in Google Chrome on Windows ( #1490353 )
10 years ago
Aleksander Machniak
53cbebf8ad
Fix handling spaces after <br> on html2text conversion
10 years ago
Aleksander Machniak
496972bf95
Fix backtick character handling in sql queries ( #1490312 )
10 years ago
Aleksander Machniak
13e0a6556f
Fix handling of some improper constructs in format=flowed text as per the RFC3676[4.5] ( #1490284 )
10 years ago
Aleksander Machniak
786aa0725e
Fix XSS issue in style attribute handling ( #1490227 )
10 years ago
Thomas Bruederli
e8b82c2e7b
Fix rcube_utils::normalize_string() to support unicode characters + add argument for minimum token length
10 years ago