From 3375a681eb4bc4aa6e64d9a423ba0d1b6b0f4e12 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 14 May 2013 03:41:30 -0400
Subject: [PATCH] Fix problem where security warning was displayed for valid images with image/jpg type (#1489097)

---
 CHANGELOG                   |    1 +
 program/steps/mail/func.inc |    3 +--
 program/steps/mail/get.inc  |    7 ++-----
 3 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 9a4fa70..fccac10 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 CHANGELOG Roundcube Webmail
 ===========================
 
+- Fix problem where security warning was displayed for valid images with image/jpg type (#1489097)
 - Fix handling of invalid email addresses in headers (#1489092)
 - Added attachment_reminder plugin
 - Fix IMAP connection issue with default_socket_timeout < 0 and imap_timeout < 0 (#1489090)
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index 7e763a2..fc22366 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -1823,8 +1823,7 @@
   // application/pdf.A520491B_3BF7_494D_8855_7FAC2C6C0608
   if (preg_match('/^application\/pdf.+/', $name))
     $name = 'application/pdf';
-
-  // treat image/pjpeg as image/jpeg
+  // treat image/pjpeg (image/pjpg, image/jpg) as image/jpeg (#1489097)
   else if (preg_match('/^image\/p?jpe?g$/', $name))
     $name = 'image/jpeg';
 
diff --git a/program/steps/mail/get.inc b/program/steps/mail/get.inc
index bcc6f11..3727577 100644
--- a/program/steps/mail/get.inc
+++ b/program/steps/mail/get.inc
@@ -95,9 +95,7 @@
 else if (strlen($pid = get_input_value('_part', RCUBE_INPUT_GET))) {
 
   if ($part = $MESSAGE->mime_parts[$pid]) {
-    $ctype_primary = strtolower($part->ctype_primary);
-    $ctype_secondary = strtolower($part->ctype_secondary);
-    $mimetype = sprintf('%s/%s', $ctype_primary, $ctype_secondary);
+    $mimetype = rcmail_fix_mimetype($part->mimetype);
 
     // allow post-processing of the message body
     $plugin = $RCMAIL->plugins->exec_hook('message_part_get',
@@ -107,7 +105,7 @@
       exit;
 
     // overwrite modified vars from plugin
-    $mimetype = $plugin['mimetype'];
+    $mimetype   = $plugin['mimetype'];
     $extensions = rcube_mime::get_mime_extensions($mimetype);
 
     if ($plugin['body'])
@@ -217,7 +215,6 @@
       header("Content-Type: text/$ctype_secondary; charset=" . ($part->charset ? $part->charset : RCMAIL_CHARSET));
     }
     else {
-      $mimetype = rcmail_fix_mimetype($mimetype);
       header("Content-Type: $mimetype");
       header("Content-Transfer-Encoding: binary");
     }

--
Gitblit v1.9.1