From 5e98e109b9150f59e119ee30fdfaf6a54d077e9a Mon Sep 17 00:00:00 2001
From: svncommit <devs@roundcube.net>
Date: Fri, 29 Dec 2006 05:11:25 -0500
Subject: [PATCH] Fix HTML cleanup (fixes #1484183)

---
 program/steps/mail/func.inc |    8 ++++++--
 1 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index 257502e..e12208d 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -1210,8 +1210,12 @@
     }
 
   // replace event handlers on any object
-  $body = preg_replace('/\s(on[^=]+)=/im', ' __removed=', $body);  
-  $body = preg_replace('/\shref=["\']?(javascript:)/im', 'null:', $body);
+  while ($body != $prev_body)
+    {
+    $prev_body = $body;
+    $body = preg_replace('/(<[^!][^>]*?\s)(on\w+?)(=[^>]*?>)/im', '$1__removed=$3', $body);
+    $body = preg_replace('/(<[^!][^>]*?\shref=["\']?)(javascript:)([^>]*?>)/im', '$1null:$3', $body);
+    }
 
   // resolve <base href>
   $base_reg = '/(<base.*href=["\']?)([hftps]{3,5}:\/{2}[^"\'\s]+)([^<]*>)/i';

--
Gitblit v1.9.1