From 8e3cb8606e219e19b8c1619ab172f4d1dec121ed Mon Sep 17 00:00:00 2001
From: estadtherr <estadtherr@208e9e7b-5314-0410-a742-e7e81cd9613c>
Date: Wed, 13 Feb 2008 02:51:05 +0000
Subject: condense TinyMCE toolbar down to one line, removing table buttons
 (#1484747) fix image removal in message display when message HTML includes JS
 event handlers

git-svn-id: https://svn.roundcube.net/trunk@1059 208e9e7b-5314-0410-a742-e7e81cd9613c
---
 roundcubemail/program/steps/mail/func.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'roundcubemail/program/steps')

diff --git a/roundcubemail/program/steps/mail/func.inc b/roundcubemail/program/steps/mail/func.inc
index 2563ec26b..b0d641778 100644
--- a/roundcubemail/program/steps/mail/func.inc
+++ b/roundcubemail/program/steps/mail/func.inc
@@ -988,7 +988,7 @@ function rcmail_sanitize_html($body, $container_id)
   while ($body != $prev_body)
     {
     $prev_body = $body;
-    $body = preg_replace('/(<[^!][^>]*\s)(on[^=>]+)=([^>]+>)/im', '$1__removed=$3', $body);
+    $body = preg_replace('/(<[^!][^>]*\s)on(?:load|unload|click|dblclick|mousedown|mouseup|mouseover|mousemove|mouseout|focus|blur|keypress|keydown|keyup|submit|reset|select|change)=([^>]+>)/im', '$1__removed=$2', $body);
     $body = preg_replace('/(<[^!][^>]*\shref=["\']?)(javascript:)([^>]*?>)/im', '$1null:$3', $body);
     }
 
-- 
cgit v1.2.3