From c7c09f85d9ccab83f720d1f938035884b9db5d6a Mon Sep 17 00:00:00 2001 From: Aleksander Machniak <alec@alec.pl> Date: Thu, 05 Nov 2015 02:48:34 -0500 Subject: [PATCH] Fix HTML sanitizer to skip <!-- node type X --> in output (#1490583) --- program/lib/Roundcube/rcube_washtml.php | 11 +++-------- 1 files changed, 3 insertions(+), 8 deletions(-) diff --git a/program/lib/Roundcube/rcube_washtml.php b/program/lib/Roundcube/rcube_washtml.php index c3f73fa..9f23f8e 100644 --- a/program/lib/Roundcube/rcube_washtml.php +++ b/program/lib/Roundcube/rcube_washtml.php @@ -313,7 +313,7 @@ $dump = ''; do { - switch($node->nodeType) { + switch ($node->nodeType) { case XML_ELEMENT_NODE: //Check element $tagName = strtolower($node->tagName); if ($callback = $this->handlers[$tagName]) { @@ -345,14 +345,9 @@ case XML_HTML_DOCUMENT_NODE: $dump .= $this->dumpHtml($node, $level); break; - - case XML_DOCUMENT_TYPE_NODE: - break; - - default: - $dump .= '<!-- node type ' . $node->nodeType . ' -->'; } - } while($node = $node->nextSibling); + } + while($node = $node->nextSibling); return $dump; } -- Gitblit v1.9.1