From e7d1a80a800f6f08c0a683d2be04b0db2a1f6523 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 06 Nov 2015 02:37:07 -0500
Subject: [PATCH] Fix HTML sanitizer to skip <!-- node type X --> in output (#1490583)

---
 CHANGELOG                               |    1 +
 program/lib/Roundcube/rcube_washtml.php |   11 +++--------
 tests/Framework/Washtml.php             |    6 +++---
 3 files changed, 7 insertions(+), 11 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index d0dfd35..3b87c1a 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -2,6 +2,7 @@
 ===========================
 
 - Add workaround for https://bugs.php.net/bug.php?id=70757 (#1490582)
+- Fix HTML sanitizer to skip <!-- node type X --> in output (#1490583)
 
 RELEASE 1.0.7
 -------------
diff --git a/program/lib/Roundcube/rcube_washtml.php b/program/lib/Roundcube/rcube_washtml.php
index 630a86e..0ce6cb3 100644
--- a/program/lib/Roundcube/rcube_washtml.php
+++ b/program/lib/Roundcube/rcube_washtml.php
@@ -306,7 +306,7 @@
         $dump = '';
 
         do {
-            switch($node->nodeType) {
+            switch ($node->nodeType) {
             case XML_ELEMENT_NODE: //Check element
                 $tagName = strtolower($node->tagName);
                 if ($callback = $this->handlers[$tagName]) {
@@ -338,14 +338,9 @@
             case XML_HTML_DOCUMENT_NODE:
                 $dump .= $this->dumpHtml($node, $level);
                 break;
-
-            case XML_DOCUMENT_TYPE_NODE:
-                break;
-
-            default:
-                $dump .= '<!-- node type ' . $node->nodeType . ' -->';
             }
-        } while($node = $node->nextSibling);
+        }
+        while($node = $node->nextSibling);
 
         return $dump;
     }
diff --git a/tests/Framework/Washtml.php b/tests/Framework/Washtml.php
index e4e3de4..06b67d4 100644
--- a/tests/Framework/Washtml.php
+++ b/tests/Framework/Washtml.php
@@ -47,7 +47,7 @@
         $html   = "<!--[if gte mso 10]><p>p1</p><!--><p>p2</p>";
         $washed = $washer->wash($html);
 
-        $this->assertEquals('<!-- node type 8 --><!-- html ignored --><!-- body ignored --><p>p2</p>', $washed, "HTML conditional comments (#1489004)");
+        $this->assertEquals('<!-- html ignored --><!-- body ignored --><p>p2</p>', $washed, "HTML conditional comments (#1489004)");
 
         $html   = "<!--TestCommentInvalid><p>test</p>";
         $washed = $washer->wash($html);
@@ -57,12 +57,12 @@
         $html   = "<p>para1</p><!-- comment --><p>para2</p>";
         $washed = $washer->wash($html);
 
-        $this->assertEquals('<!-- html ignored --><!-- body ignored --><p>para1</p><!-- node type 8 --><p>para2</p>', $washed, "HTML comments - simple comment");
+        $this->assertEquals('<!-- html ignored --><!-- body ignored --><p>para1</p><p>para2</p>', $washed, "HTML comments - simple comment");
 
         $html   = "<p>para1</p><!-- <hr> comment --><p>para2</p>";
         $washed = $washer->wash($html);
 
-        $this->assertEquals('<!-- html ignored --><!-- body ignored --><p>para1</p><!-- node type 8 --><p>para2</p>', $washed, "HTML comments - tags inside (#1489904)");
+        $this->assertEquals('<!-- html ignored --><!-- body ignored --><p>para1</p><p>para2</p>', $washed, "HTML comments - tags inside (#1489904)");
     }
 
     /**

--
Gitblit v1.9.1