thomascube
2008-09-16 36c236eee7529eae962d7e7c5ec925d2d417c7b8
Fix typos + only add callback for style tags when safe-flag is set

2 files modified
17 ■■■■ changed files
program/include/html.php 2 ●●● patch | view | raw | blame | history
program/steps/mail/func.inc 15 ●●●● patch | view | raw | blame | history
program/include/html.php
@@ -33,7 +33,7 @@
    protected $content;
    public static $common_attrib = array('id','class','style','title','align');
    public static $containers = array('div','span','p','h1','h2','h3','form','textarea','table','tr','th','td');
    public static $containers = array('div','span','p','h1','h2','h3','form','textarea','table','tr','th','td','style');
    public static $lc_tags = true;
    /**
program/steps/mail/func.inc
@@ -611,14 +611,13 @@
      $wash_opts['html_elements'] = array('html','head','title','body');
    }
    
    // allow CSS styles, will be sanitized by rcmail_washtml_callback()
    if ($p['safe']) {
      $wash_opts['html_elements'][] = 'style';
    }
    $washer = new washtml($wash_opts);
    $washer->add_callback('form', 'rcmail_washtml_callback');
    if ($p['safe']) {  // allow CSS styles, will be sanitized by rcmail_washtml_callback()
    $washer->add_callback('style', 'rcmail_washtml_callback');
    }
    $body = $washer->wash($html);
    $REMOTE_OBJECTS = $washer->extlinks;
@@ -708,10 +707,10 @@
      
    case 'style':
      // decode all escaped entities and reduce to ascii strings
      $stripped = preg_replace('/[^a-zA-Z\(:]/', '', rcmail_xss_entitiy_decode($source));
      $stripped = preg_replace('/[^a-zA-Z\(:]/', '', rcmail_xss_entitiy_decode($content));
      
      // now check for evli strings like expression, behavior or url()
      if (!preg_match('/expression|behavior|url\(|import/', $css)) {
      // now check for evil strings like expression, behavior or url()
      if (!preg_match('/expression|behavior|url\(|import/', $stripped)) {
        $out = html::tag('style', array('type' => 'text/css'), $content);
        break;
      }
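Review bot: The denylist check the second hunk now applies to `$stripped` is case-sensitive, while the CSS keywords it targets are not: `EXPRESSION(`, `Url(` or `@IMPORT` survive the `preg_replace('/[^a-zA-Z\(:]/', '', ...)` step with their case intact and fail to match, so the style block is emitted unfiltered; add the `i` modifier, `if (!preg_match('/expression|behavior|url\(|import/i', $stripped)) {`. The list also has no entry for `-moz-binding` (Firefox's XBL binding, which after the strip reads `mozbinding`), so a `binding` alternative is worth adding while the regex is being touched. The rename from `$css` to `$stripped` is the real fix here, since the old code matched against an undefined variable and so never rejected anything, but it is only as strong as the pattern it matches against. The `case 'style':` branch continues past the hunk, so what `$out` holds when the check fails is not visible from this page and presumably falls through to the function's default handling.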