authorthomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c>2008-04-02 12:08:12 +0000
committerthomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c>2008-04-02 12:08:12 +0000
commitbc97b8d89d3e0e7c5a591d42e19b5555e16e09db (patch)
treeebe1966e356e0dc0db558d74433e3e1275a57170 /roundcubemail/program/include/main.inc
parente7c38c79f7c31195ac1850ade24dd1878add4dee (diff)
Remove evil css styles like expression() in HTML messages
git-svn-id: https://svn.roundcube.net/trunk@1231 208e9e7b-5314-0410-a742-e7e81cd9613c
Diffstat (limited to 'roundcubemail/program/include/main.inc')
-rw-r--r--roundcubemail/program/include/main.inc7
1 files changed, 6 insertions, 1 deletions
diff --git a/roundcubemail/program/include/main.inc b/roundcubemail/program/include/main.inc
index cb25fbd77..459648668 100644
--- a/roundcubemail/program/include/main.inc
+++ b/roundcubemail/program/include/main.inc
@@ -1377,6 +1377,7 @@ function rcmail_mail_domain($host)
/**
* Replace all css definitions with #container [def]
+ * and remove css-inlined scripting
*
* @param string CSS source code
* @param string Container ID to use as prefix
@@ -1386,6 +1387,10 @@ function rcmail_mod_css_styles($source, $container_id, $base_url = '')
{
$a_css_values = array();
$last_pos = 0;
+
+ // ignore the whole block if evil styles are detected
+ if (stristr($source, 'expression') || stristr($source, 'behavior'))
+ return '';
// cut out all contents between { and }
while (($pos = strpos($source, '{', $last_pos)) && ($pos2 = strpos($source, '}', $pos)))
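Review bot: The keyword test at `if (stristr($source, 'expression') || stristr($source, 'behavior'))` is applied to the raw stylesheet before the comment and brace stripping that follows, so it only sees the literal bytes; CSS allows comments and backslash escapes inside identifiers, so to be a reliable fail-closed filter the match should run on normalized input (comments removed, escapes decoded), or the function should instead whitelist the properties it passes through. As a bare substring match it also discards an entire stylesheet that merely contains those words in a selector or a comment; that is an acceptable safe default, but it should be stated, e.g. `// deliberately coarse: any occurrence of these words drops the whole block (fail closed), even inside selectors or comments`. `stripos($source, 'expression') !== false` would express the intent more directly than relying on the truthiness of stristr's return value. The docblock line added in the previous hunk, `and remove css-inlined scripting`, overstates what happens — nothing is removed, the block is returned empty — so something like `and return an empty string if css-inlined scripting is suspected` would match the code. The body of rcmail_mod_css_styles continues outside the hunk.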
@@ -1396,7 +1401,7 @@ function rcmail_mod_css_styles($source, $container_id, $base_url = '')
$last_pos = $pos+2;
}
- // remove html commends and add #container to each tag selector.
+ // remove html comments and add #container to each tag selector.
// also replace body definition because we also stripped off the <body> tag
$styles = preg_replace(
array(