githubFork/roundcubemail.git

			@@ -207,7 +207,10 @@
			if (!empty($MESSAGE->headers->charset))
			$RCMAIL->storage->set_charset($MESSAGE->headers->charset);

			if ($compose_mode == RCUBE_COMPOSE_REPLY) {
			if (!$MESSAGE->headers) {
			// error
			}
			else if ($compose_mode == RCUBE_COMPOSE_REPLY) {
			$COMPOSE['reply_uid'] = $msg_uid;
			$COMPOSE['reply_msgid'] = $MESSAGE->headers->messageID;
			$COMPOSE['references'] = trim($MESSAGE->headers->references . " " . $MESSAGE->headers->messageID);
			@@ -319,8 +322,8 @@
			else if (!empty($MESSAGE->headers->from))
			$fvalue = $MESSAGE->headers->from;

			// Reply to message sent by yourself (#1487074)
			if (!empty($ident) && $fvalue == $ident['ident']) {
			// Reply to message sent by yourself (#1487074, #1489230)
			if (!empty($ident) && in_array($ident['ident'], array($fvalue, $MESSAGE->headers->from))) {
			$fvalue = $MESSAGE->headers->to;
			}
			}
			@@ -1002,12 +1005,17 @@
			$cid_map = rcmail_write_compose_attachments($MESSAGE, $bodyIsHtml);
			}

			// clean up html tags - XSS prevention (#1489251)
			$body = rcmail_wash_html($body, array('safe' => 1), $cid_map);
			// clean up HTML tags - XSS prevention (#1489251)
			if ($bodyIsHtml) {
			$body = rcmail_wash_html($body, array('safe' => 1), $cid_map);

			// replace cid with href in inline images links
			if ($cid_map) {
			$body = str_replace(array_keys($cid_map), array_values($cid_map), $body);
			// remove comments (produced by washtml)
			$body = preg_replace('/<!--[^>]+-->/', '', $body);

			// replace cid with href in inline images links
			if (!empty($cid_map)) {
			$body = str_replace(array_keys($cid_map), array_values($cid_map), $body);
			}
			}

			return $body;