From bf1b66bf1d6eb000938f0080042fce0919976a94 Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Wed, 30 Sep 2009 14:06:41 -0400
Subject: [PATCH] - Fix handling HTML comments in HTML messages (#1486189)

---
 CHANGELOG                   |    1 +
 program/steps/mail/func.inc |    6 +++++-
 2 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index d462bf1..561bb60 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
 CHANGELOG RoundCube Webmail
 ===========================
 
+- Fix handling HTML comments in HTML messages (#1486189)
 - Fix folder/messagelist controls alignment - icons used (#1486072)
 - Fix LDAP addressbook shows 'Contact not found' error sometimes (#1486178)
 - Fix cache status checking + improve cache operations performance (#1486104)
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc
index 35354eb..0f835e9 100644
--- a/program/steps/mail/func.inc
+++ b/program/steps/mail/func.inc
@@ -734,7 +734,7 @@
 
   // allow CSS styles, will be sanitized by rcmail_washtml_callback()
   $washer->add_callback('style', 'rcmail_washtml_callback');
-    
+
   $html = $washer->wash($html);
   $REMOTE_OBJECTS = $washer->extlinks;
   
@@ -892,6 +892,10 @@
 {
   $tagname = $matches[2];
 
+  // html comments (#1486189)
+  if ($matches[1] == '<!')
+    return '<!';
+    
   $tagname = preg_replace(array(
     '/:.*$/',		// Microsoft's Smart Tags <st1:xxxx>
     '/[^a-z0-9_-]/i',	// forbidden characters

--
Gitblit v1.9.1