thomascube
2008-09-12 85a9130647fff8ffafbd35117705f3ec7ec98ce0
Fix xss entitiy decoding

1 files modified
4 ■■■■ changed files
program/include/main.inc 4 ●●●●
program/include/main.inc
@@ -643,8 +643,8 @@
function rcmail_xss_entitiy_decode($content)
{
  $out = html_entity_decode(html_entity_decode($content));
  $out = preg_replace('/\\\00([a-z0-9]{2})/ie', "chr(hexdec('\\1'))", $out);
  $out = preg_replace('#/\*.+\*/#Um', '', $out);
  $out = preg_replace('/\\\([a-z0-9]{4})/ie', "chr(hexdec('\\1'))", $out);
  $out = preg_replace('#/\*.*\*/#Um', '', $out);
  return $out;
}
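Review bot: The escape-decoding `preg_replace` with `[a-z0-9]{4}` (taking the `{4}` / `.*` pair as the new side, since the page has lost its +/- markers) still normalises only one spelling of a CSS backslash escape: the grammar allows one to six hex digits plus an optional trailing whitespace character, so shorter or longer escapes reach the downstream XSS check undecoded. The class should also be hex-only, because `hexdec()` silently ignores other letters, e.g. `'/\\\\([0-9a-f]{1,6})\s?/i'`. The comment-stripping pattern `#/\*.*\*/#Um` has no `s` modifier, so a `/* */` comment that spans a line break is not removed; `#/\*.*\*/#Us` would cover it. Separately, the `/e` modifier evaluates the replacement string as PHP; the capture is alphanumeric-only here so it is contained, but `preg_replace_callback` would remove the eval entirely.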