From 2f93b031b2b72ec9be2255c387cae7c7713c2ff7 Mon Sep 17 00:00:00 2001
From: svncommit <devs@roundcube.net>
Date: Tue, 12 Feb 2008 21:51:05 -0500
Subject: [PATCH] condense TinyMCE toolbar down to one line, removing table buttons (#1484747) fix image removal in message display when message HTML includes JS event handlers

---
 program/steps/mail/func.inc |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index 2563ec2..b0d6417 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -988,7 +988,7 @@
   while ($body != $prev_body)
     {
     $prev_body = $body;
-    $body = preg_replace('/(<[^!][^>]*\s)(on[^=>]+)=([^>]+>)/im', '$1__removed=$3', $body);
+    $body = preg_replace('/(<[^!][^>]*\s)on(?:load|unload|click|dblclick|mousedown|mouseup|mouseover|mousemove|mouseout|focus|blur|keypress|keydown|keyup|submit|reset|select|change)=([^>]+>)/im', '$1__removed=$2', $body);
     $body = preg_replace('/(<[^!][^>]*\shref=["\']?)(javascript:)([^>]*?>)/im', '$1null:$3', $body);
     }
 

--
Gitblit v1.9.1