Roundcubemail devel
parent: 254bfd | patch | commitdiff
vbenincasa
2010-06-09 d0b981757ab416dfd182e6b91e7f9a66132116f9
refs
author vbenincasa <vbenincasa@gmail.com>
Wednesday, June 9, 2010 15:08 -0400
committer vbenincasa <vbenincasa@gmail.com>
Wednesday, June 9, 2010 15:08 -0400
commitd0b981757ab416dfd182e6b91e7f9a66132116f9
tree d53b286eaba7ad3abc3584c7cc4a54d08a82624e tree | zip | gz
parent 254bfdc29ec82f95878702e44d5cfed5174880bb view | diff 
 - Sanitize CSS universal selector from e-mails. Without this fix any message can play with the CSS from entire mail window or mail preview frame. Test case: 
<style type="text/css">*{ background: #000; }</style>

1 files modified
4 ■■■■ changed files
program/include/main.inc 4 ●●●● diff | view | raw | blame | history