From c7c09f85d9ccab83f720d1f938035884b9db5d6a Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Thu, 05 Nov 2015 02:48:34 -0500
Subject: [PATCH] Fix HTML sanitizer to skip <!-- node type X --> in output (#1490583)

---
 CHANGELOG                               |    1 +
 program/lib/Roundcube/rcube_washtml.php |   11 +++--------
 tests/Framework/Washtml.php             |    6 +++---
 3 files changed, 7 insertions(+), 11 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 062283c..9c197e6 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -11,6 +11,7 @@
 - Fix bug where HTML messages with invalid/excessive css styles couldn't be displayed (#1490539)
 - Fix redundant blank lines when using HTML and top posting (#1490576)
 - Fix redundant blank lines on start of text after html to text conversion (#1490577)
+- Fix HTML sanitizer to skip <!-- node type X --> in output (#1490583)
 
 RELEASE 1.1.3
 -------------
diff --git a/program/lib/Roundcube/rcube_washtml.php b/program/lib/Roundcube/rcube_washtml.php
index c3f73fa..9f23f8e 100644
--- a/program/lib/Roundcube/rcube_washtml.php
+++ b/program/lib/Roundcube/rcube_washtml.php
@@ -313,7 +313,7 @@
         $dump = '';
 
         do {
-            switch($node->nodeType) {
+            switch ($node->nodeType) {
             case XML_ELEMENT_NODE: //Check element
                 $tagName = strtolower($node->tagName);
                 if ($callback = $this->handlers[$tagName]) {
@@ -345,14 +345,9 @@
             case XML_HTML_DOCUMENT_NODE:
                 $dump .= $this->dumpHtml($node, $level);
                 break;
-
-            case XML_DOCUMENT_TYPE_NODE:
-                break;
-
-            default:
-                $dump .= '<!-- node type ' . $node->nodeType . ' -->';
             }
-        } while($node = $node->nextSibling);
+        }
+        while($node = $node->nextSibling);
 
         return $dump;
     }
diff --git a/tests/Framework/Washtml.php b/tests/Framework/Washtml.php
index acc611e..5903d0c 100644
--- a/tests/Framework/Washtml.php
+++ b/tests/Framework/Washtml.php
@@ -47,7 +47,7 @@
         $html   = "<!--[if gte mso 10]><p>p1</p><!--><p>p2</p>";
         $washed = $washer->wash($html);
 
-        $this->assertEquals('<!-- node type 8 --><!-- html ignored --><!-- body ignored --><p>p2</p>', $washed, "HTML conditional comments (#1489004)");
+        $this->assertEquals('<!-- html ignored --><!-- body ignored --><p>p2</p>', $washed, "HTML conditional comments (#1489004)");
 
         $html   = "<!--TestCommentInvalid><p>test</p>";
         $washed = $washer->wash($html);
@@ -57,12 +57,12 @@
         $html   = "<p>para1</p><!-- comment --><p>para2</p>";
         $washed = $washer->wash($html);
 
-        $this->assertEquals('<!-- html ignored --><!-- body ignored --><p>para1</p><!-- node type 8 --><p>para2</p>', $washed, "HTML comments - simple comment");
+        $this->assertEquals('<!-- html ignored --><!-- body ignored --><p>para1</p><p>para2</p>', $washed, "HTML comments - simple comment");
 
         $html   = "<p>para1</p><!-- <hr> comment --><p>para2</p>";
         $washed = $washer->wash($html);
 
-        $this->assertEquals('<!-- html ignored --><!-- body ignored --><p>para1</p><!-- node type 8 --><p>para2</p>', $washed, "HTML comments - tags inside (#1489904)");
+        $this->assertEquals('<!-- html ignored --><!-- body ignored --><p>para1</p><p>para2</p>', $washed, "HTML comments - tags inside (#1489904)");
     }
 
     /**

--
Gitblit v1.9.1