From 6547093937cd4ee33adb7f9e55ce6851e25a6a8f Mon Sep 17 00:00:00 2001
From: Thomas Bruederli <thomas@roundcube.net>
Date: Tue, 02 Oct 2012 14:28:02 -0400
Subject: [PATCH] Backported commit 10467e8a5957 and other improvements

---
 program/include/html.php |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/program/include/html.php b/program/include/html.php
index c15ef45..dc93b33 100644
--- a/program/include/html.php
+++ b/program/include/html.php
@@ -301,7 +301,7 @@
                 $attrib_arr[] = $key . '="' . Q($value, 'strict', false) . '"';
             }
             else {
-                $attrib_arr[] = $key . '="' . Q($value) . '"';
+                $attrib_arr[] = $key . '="' . htmlspecialchars($value, ENT_COMPAT, RCMAIL_CHARSET) . '"';
             }
         }
         return count($attrib_arr) ? ' '.implode(' ', $attrib_arr) : '';

--
Gitblit v1.9.1