From 95d28926865d8a0d6fd009ebd73c0fc78c19d183 Mon Sep 17 00:00:00 2001
From: Thomas Bruederli <thomas@roundcube.net>
Date: Thu, 04 Oct 2012 10:59:37 -0400
Subject: [PATCH] Fix HTTP User-Agent XSS vulnerability (#1488737)
---
program/include/rcube_string_replacer.php | 9 +++------
1 files changed, 3 insertions(+), 6 deletions(-)
diff --git a/program/include/rcube_string_replacer.php b/program/include/rcube_string_replacer.php
index b3d29eb..c29f0e4 100644
--- a/program/include/rcube_string_replacer.php
+++ b/program/include/rcube_string_replacer.php
@@ -17,9 +17,6 @@
+-----------------------------------------------------------------------+
| Author: Thomas Bruederli <roundcube@gmail.com> |
+-----------------------------------------------------------------------+
-
- $Id$
-
*/
@@ -98,7 +95,7 @@
$i = $this->add($prefix . html::a(array(
'href' => $url_prefix . $url,
'target' => '_blank'
- ), Q($url)) . $suffix);
+ ), rcmail::Q($url)) . $suffix);
}
// Return valid link for recognized schemes, otherwise, return the unmodified string for unrecognized schemes.
@@ -118,8 +115,8 @@
$i = $this->add(html::a(array(
'href' => 'mailto:' . $href,
- 'onclick' => "return ".JS_OBJECT_NAME.".command('compose','".JQ($href)."',this)",
- ), Q($href)) . $suffix);
+ 'onclick' => "return ".rcmail::JS_OBJECT_NAME.".command('compose','".rcmail::JQ($href)."',this)",
+ ), rcmail::Q($href)) . $suffix);
return $i >= 0 ? $this->get_replacement($i) : '';
}
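Review bot: The `onclick` value in the mailto branch places `$href`, which appears to come from message text, inside a JavaScript string that itself sits inside an HTML attribute, and nothing in the hunk documents which layer escapes what. `rcmail::JQ()` covers the JavaScript string, but the result is safe only if `html::a()` then HTML-escapes attribute values (not visible here); otherwise an entity such as `&#39;` would be decoded by the HTML parser before the script runs. I would add a comment above the array, `// $href is untrusted: JQ() escapes for the JS string, html::a() must HTML-escape the attribute value`, and confirm that the static `rcmail::Q()` and `rcmail::JQ()` escape identically to the global helpers they replace, since the same swap is made in the URL branch at `rcmail::Q($url)`. The enclosing function starts outside the hunk.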
--
Gitblit v1.9.1