CHANGELOG | ●●●●● patch | view | raw | blame | history | |
program/include/rcube_imap.php | ●●●●● patch | view | raw | blame | history | |
program/include/rcube_message.php | ●●●●● patch | view | raw | blame | history | |
program/lib/washtml.php | ●●●●● patch | view | raw | blame | history |
CHANGELOG
@@ -1,9 +1,10 @@ CHANGELOG RoundCube Webmail --------------------------- 2008/09/04 (thomasb) 2008/09/05 (thomasb) ---------- - Enable export of address book contacts as vCard - Respect Content-Location headers in multipart/related messages according to RFC2110 (#1484946) 2008/09/04 (alec) ---------- program/include/rcube_imap.php
@@ -1149,16 +1149,17 @@ if (empty($struct->disposition)) $struct->disposition = 'inline'; } // fetch message headers if message/rfc822 or named part (could contain Content-Location header) if ($struct->ctype_primary == 'message' || ($struct->ctype_parameters['name'] && !$struct->content_id)) { $part_headers = iil_C_FetchPartHeader($this->conn, $this->mailbox, $this->_msg_id, $struct->mime_id); $struct->headers = $this->_parse_headers($part_headers) + $struct->headers; } // fetch message headers if message/rfc822 if ($struct->ctype_primary=='message') { $headers = iil_C_FetchPartBody($this->conn, $this->mailbox, $this->_msg_id, $struct->mime_id.'.HEADER'); $struct->headers = $this->_parse_headers($headers); if ($struct->ctype_primary=='message') { if (is_array($part[8]) && empty($struct->parts)) $struct->parts[] = $this->_structure_part($part[8], ++$count, $struct->mime_id); } } // normalize filename property $this->_set_part_filename($struct); program/include/rcube_message.php
@@ -356,6 +356,10 @@ $mail_part->content_id = preg_replace(array('/^</', '/>$/'), '', $mail_part->headers['content-id']); $this->inline_parts[] = $mail_part; } else if ($message_ctype_secondary == 'related' && $mail_part->headers['content-location']) { $mail_part->content_location = $mail_part->headers['content-base'] . $mail_part->headers['content-location']; $this->inline_parts[] = $mail_part; } // is regular attachment else { if (!$mail_part->filename) @@ -370,7 +374,11 @@ $a_replaces = array(); foreach ($this->inline_parts as $inline_object) { $a_replaces['cid:'.$inline_object->content_id] = $this->get_part_url($inline_object->mime_id); $part_url = $this->get_part_url($inline_object->mime_id); if ($inline_object->content_id) $a_replaces['cid:'.$inline_object->content_id] = $part_url; if ($inline_object->content_location) $a_replaces[$inline_object->content_location] = $part_url; } // add replace array to each content part program/lib/washtml.php
@@ -132,13 +132,14 @@ '|#[0-9a-f]{3,6}|[a-z0-9\-]+'. ')\s*/i', $str, $match)) { if($match[2]) { if(preg_match('/^(http|https|ftp):.*$/i', $match[2], $url)) { if($src = $this->config['cid_map'][$match[2]]) $value .= ' url(\''.htmlspecialchars($src, ENT_QUOTES) . '\')'; else if(preg_match('/^(http|https|ftp):.*$/i', $match[2], $url)) { if($this->config['allow_remote']) $value .= ' url(\''.htmlspecialchars($url[0], ENT_QUOTES).'\')'; else $this->extlinks = true; } else if(preg_match('/^cid:(.*)$/i', $match[2], $cid)) $value .= ' url(\''.htmlspecialchars($this->config['cid_map']['cid:'.$cid[1]], ENT_QUOTES) . '\')'; } } else if($match[0] != 'url' && $match[0] != 'rbg')//whitelist ? $value .= ' ' . $match[0]; $str = substr($str, strlen($match[0])); @@ -164,7 +165,10 @@ else if($key == 'style' && ($style = $this->wash_style($value))) $t .= ' style="' . $style . '"'; else if($key == 'src' && strtolower($node->tagName) == 'img') { //check tagName anyway if(preg_match('/^(http|https|ftp):.*/i', $value)) { if($src = $this->config['cid_map'][$value]) { $t .= ' ' . $key . '="' . htmlspecialchars($src, ENT_QUOTES) . '"'; } else if(preg_match('/^(http|https|ftp):.*/i', $value)) { if($this->config['allow_remote']) $t .= ' ' . $key . '="' . htmlspecialchars($value, ENT_QUOTES) . '"'; else { @@ -172,8 +176,7 @@ if ($this->config['blocked_src']) $t .= ' src="' . htmlspecialchars($this->config['blocked_src'], ENT_QUOTES) . '"'; } } else if(preg_match('/^cid:(.*)$/i', $value, $cid)) $t .= ' ' . $key . '="' . htmlspecialchars($this->config['cid_map']['cid:'.$cid[1]], ENT_QUOTES) . '"'; } } else $washed .= ($washed?' ':'') . $key; }