- Fix XSS vulnerability in vbscript: and data:text links handling (#1488850)
Conflicts:
CHANGELOG
tests/MailFunc.php
| | |
| | | CHANGELOG Roundcube Webmail |
| | | =========================== |
| | | |
| | | - Fix XSS vulnerability in vbscript: and data:text links handling (#1488850) |
| | | - Fix absolute positioning in HTML messages (#1488819) |
| | | - Fix keybord events on messages list in opera browser (#1488823) |
| | | - Fix cache (in)validation after setting \Deleted flag |
| | |
| | | $key = strtolower($key); |
| | | $value = $node->getAttribute($key); |
| | | if (isset($this->_html_attribs[$key]) || |
| | | ($key == 'href' && !preg_match('!^javascript!i', $value) |
| | | ($key == 'href' && !preg_match('!^(javascript|vbscript|data:text)!i', $value) |
| | | && preg_match('!^([a-z][a-z0-9.+-]+:|//|#).+!i', $value)) |
| | | ) { |
| | | $t .= ' ' . $key . '="' . htmlspecialchars($value, ENT_QUOTES) . '"'; |