Fix wrong handling of links with '|' character (#1489276)
Conflicts:
CHANGELOG
tests/Framework/StringReplacer.php
| | |
| | | CHANGELOG Roundcube Webmail |
| | | =========================== |
| | | |
| | | - Fix wrong handling of links with '|' character (#1489276) |
| | | - Fix colorspace issue on image conversion using ImageMagick (#1489270) |
| | | - Fix XSS vulnerability when saving HTML signatures (#1489251) |
| | | - Fix XSS vulnerability when editing a message "as new" or draft (#1489251) |
| | |
| | | // Support unicode/punycode in top-level domain part |
| | | $utf_domain = '[^?&@"\'\\/()<>\s\r\t\n]+\\.?([^\\x00-\\x2f\\x3b-\\x40\\x5b-\\x60\\x7b-\\x7f]{2,}|xn--[a-zA-Z0-9]{2,})'; |
| | | $url1 = '.:;,'; |
| | | $url2 = 'a-zA-Z0-9%=#$@+?!&\\/_~\\[\\]\\(\\){}\*-'; |
| | | $url2 = 'a-zA-Z0-9%=#$@+?|!&\\/_~\\[\\]\\(\\){}\*-'; |
| | | |
| | | $this->link_pattern = "/([\w]+:\/\/|\W[Ww][Ww][Ww]\.|^[Ww][Ww][Ww]\.)($utf_domain([$url1]*[$url2]+)*)/"; |
| | | $this->mailto_pattern = "/(" |
| | |
| | | array('http://', 'http://'), |
| | | array('1@1.com www.domain.tld', '<a href="mailto:1@1.com">1@1.com</a> <a href="http://www.domain.tld" target="_blank">www.domain.tld</a>'), |
| | | array(' www.domain.tld ', ' <a href="http://www.domain.tld" target="_blank">www.domain.tld</a> '), |
| | | array(' www.domain.tld/#!download|856p1|2 ', ' <a href="http://www.domain.tld/#!download|856p1|2" target="_blank">www.domain.tld/#!download|856p1|2</a> '), |
| | | ); |
| | | } |
| | | |