From 82ed256f6eeba8dce305f3953aa70681351c9bad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 20 May 2014 13:25:45 -0400
Subject: [PATCH] Fix incorrect handling of HTML comments in messages sanitization code (#1489904)
---
program/lib/Roundcube/html.php | 5 ++---
1 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/program/lib/Roundcube/html.php b/program/lib/Roundcube/html.php
index 64324dd..a88570d 100644
--- a/program/lib/Roundcube/html.php
+++ b/program/lib/Roundcube/html.php
@@ -283,10 +283,9 @@
continue;
}
- // ignore not allowed attributes
+ // ignore not allowed attributes, except data-*
if (!empty($allowed)) {
- $is_data_attr = substr_compare($key, 'data-', 0, 5) === 0;
- if (!isset($allowed_f[$key]) && (!$is_data_attr || !isset($allowed_f['data-*']))) {
+ if (!isset($allowed_f[$key]) && @substr_compare($key, 'data-', 0, 5) !== 0) {
continue;
}
}
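Review bot: The condition on the `+` line lets every `data-*` attribute through whenever `$allowed` is non-empty, because the `isset($allowed_f['data-*'])` opt-in from the removed lines is gone, so a caller's allow-list no longer restricts that attribute family. If any caller passes attribute names or values derived from message content (not visible in this hunk), those attributes reach the output unfiltered, where client-side scripts can read them. Keeping the opt-in would preserve the allow-list, e.g. `if (!isset($allowed_f[$key]) && (strncmp($key, 'data-', 5) !== 0 || !isset($allowed_f['data-*']))) {`. The `@` in front of `substr_compare()` hides the warning it can raise for short or empty keys, and `strncmp()` gives the same prefix test without suppression. The subject line mentions HTML comment handling while this hunk only changes attribute filtering, and the enclosing function starts and ends outside the hunk, so the change should be checked against the full file.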
--
Gitblit v1.9.1