From 79e634040d240b9ae2f392fccc3de643035109f9 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Fri, 28 Jan 2011 10:19:38 -0500
Subject: [PATCH] Don't block CSS styles having important keywords

---
 program/include/main.inc    |    4 ++--
 program/steps/mail/func.inc |    4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/program/include/main.inc b/program/include/main.inc
index d79ba2c..7f49456 100644
--- a/program/include/main.inc
+++ b/program/include/main.inc
@@ -872,8 +872,8 @@
   $replacements = new rcube_string_replacer;
 
   // ignore the whole block if evil styles are detected
-  $stripped = preg_replace('/[^a-z\(:]/', '', rcmail_xss_entity_decode($source));
-  if (preg_match('/expression|behavior|url\(|import/', $stripped))
+  $stripped = preg_replace('/[^a-z\(:;]/', '', rcmail_xss_entity_decode($source));
+  if (preg_match('/expression|behavior|url\(|import[^a]/', $stripped))
     return '/* evil! */';
 
   // remove css comments (sometimes used for some ugly hacks)
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index 99f792f..131a5aa 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -829,10 +829,10 @@
 
     case 'style':
       // decode all escaped entities and reduce to ascii strings
-      $stripped = preg_replace('/[^a-zA-Z\(:]/', '', rcmail_xss_entity_decode($content));
+      $stripped = preg_replace('/[^a-zA-Z\(:;]/', '', rcmail_xss_entity_decode($content));
 
       // now check for evil strings like expression, behavior or url()
-      if (!preg_match('/expression|behavior|url\(|import/', $stripped)) {
+      if (!preg_match('/expression|behavior|url\(|import[^a]/', $stripped)) {
         $out = html::tag('style', array('type' => 'text/css'), $content);
         break;
       }

--
Gitblit v1.9.1