From 2f93b031b2b72ec9be2255c387cae7c7713c2ff7 Mon Sep 17 00:00:00 2001
From: svncommit <devs@roundcube.net>
Date: Tue, 12 Feb 2008 21:51:05 -0500
Subject: [PATCH] condense TinyMCE toolbar down to one line, removing table buttons (#1484747) fix image removal in message display when message HTML includes JS event handlers

---
 CHANGELOG                        |    5 +++++
 program/js/editor.js             |    4 ++--
 program/steps/mail/func.inc      |    2 +-
 skins/default/editor_content.css |    7 +++++--
 4 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 4147eea..47be089 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,11 @@
 CHANGELOG RoundCube Webmail
 ---------------------------
 
+2008/02/12 (estadtherr)
+----------
+- condense TinyMCE toolbar down to one line, removing table buttons (#1484747)
+- fix image removal in message display when message HTML includes JS event handlers
+
 2008/02/11 (thomasb)
 ----------
 - Add function to mark the selected messages as read/unread (#1457360)
diff --git a/program/js/editor.js b/program/js/editor.js
index 919f5d2..2f58fe0 100644
--- a/program/js/editor.js
+++ b/program/js/editor.js
@@ -22,8 +22,8 @@
                  apply_source_formatting : true,
                  theme : 'advanced',
                  plugins : 'emotions,media,nonbreaking,table,searchreplace,spellchecker,visualchars',
-                 theme_advanced_buttons1 : 'bold,italic,underline,strikethrough,separator,justifyleft,justifycenter,justifyright,justifyfull,separator,bullist,numlist,outdent,indent,separator,link,unlink,emotions,forecolor,backcolor,formatselect,fontselect,fontsizeselect',
-                 theme_advanced_buttons2 : 'undo,redo,image,media,hr,charmap,code,nonbreaking,visualchars,separator,search,replace,spellchecker,separator,tablecontrols',
+                 theme_advanced_buttons1 : 'bold,italic,underline,separator,justifyleft,justifycenter,justifyright,justifyfull,separator,bullist,numlist,outdent,indent,separator,emotions,charmap,code,forecolor,backcolor,fontselect,fontsizeselect, separator,undo,redo,image,media',
+                 theme_advanced_buttons2 : '',
                  theme_advanced_buttons3 : '',
                  theme_advanced_toolbar_location : 'top',
                  theme_advanced_toolbar_align : 'left',
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index 2563ec2..b0d6417 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -988,7 +988,7 @@
   while ($body != $prev_body)
     {
     $prev_body = $body;
-    $body = preg_replace('/(<[^!][^>]*\s)(on[^=>]+)=([^>]+>)/im', '$1__removed=$3', $body);
+    $body = preg_replace('/(<[^!][^>]*\s)on(?:load|unload|click|dblclick|mousedown|mouseup|mouseover|mousemove|mouseout|focus|blur|keypress|keydown|keyup|submit|reset|select|change)=([^>]+>)/im', '$1__removed=$2', $body);
     $body = preg_replace('/(<[^!][^>]*\shref=["\']?)(javascript:)([^>]*?>)/im', '$1null:$3', $body);
     }
 
diff --git a/skins/default/editor_content.css b/skins/default/editor_content.css
index 182e791..e8b1c88 100644
--- a/skins/default/editor_content.css
+++ b/skins/default/editor_content.css
@@ -3,11 +3,14 @@
 
 body, td, pre {
 	font-family: Verdana, Arial, Helvetica, sans-serif;
-	font-size: 10px;
+	font-size: 12px;
 }
 
 body {
-	background-color: #FFFFFF;
+	background-color: #FFFFFF;
+	margin-left: 4px;
+	margin-right: 4px;
+	margin-top: 2px;
 }
 
 .mceVisualAid {

--
Gitblit v1.9.1