From 3e4b7cd19d1b019f35872d384aeb24f09d035bce Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Mon, 18 Jan 2016 03:54:54 -0500
Subject: [PATCH] Extend rcube_washtml with SVG support

---
 program/steps/mail/get.inc |   20 ++++++++++++++------
 1 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/program/steps/mail/get.inc b/program/steps/mail/get.inc
index f89e7e0..a79b968 100644
--- a/program/steps/mail/get.inc
+++ b/program/steps/mail/get.inc
@@ -517,12 +517,20 @@
  */
 function rcmail_svg_filter($body)
 {
-    $dom = new DOMDocument;
-    $dom->loadXML($body);
+    // clean SVG with washhtml
+    $wash_opts = array(
+        'show_washed'   => false,
+        'allow_remote'  => false,
+        'charset'       => RCUBE_CHARSET,
+        'html_elements' => array('title'),
+//        'blocked_src'   => 'program/resources/blocked.gif',
+    );
 
-    foreach ($dom->getElementsByTagName('script') as $node) {
-        $node->parentNode->removeChild($node);
-    }
+    // initialize HTML washer
+    $washer = new rcube_washtml($wash_opts);
 
-    return $dom->saveXML() ?: '';
+    // allow CSS styles, will be sanitized by rcmail_washtml_callback()
+    $washer->add_callback('style', 'rcmail_washtml_callback');
+
+    return $washer->wash($body);
 }

--
Gitblit v1.9.1