From e7d1a80a800f6f08c0a683d2be04b0db2a1f6523 Mon Sep 17 00:00:00 2001 From: Aleksander Machniak <alec@alec.pl> Date: Fri, 06 Nov 2015 02:37:07 -0500 Subject: [PATCH] Fix HTML sanitizer to skip <!-- node type X --> in output (#1490583) --- program/lib/Roundcube/rcube_washtml.php | 11 +++-------- 1 files changed, 3 insertions(+), 8 deletions(-) diff --git a/program/lib/Roundcube/rcube_washtml.php b/program/lib/Roundcube/rcube_washtml.php index 630a86e..0ce6cb3 100644 --- a/program/lib/Roundcube/rcube_washtml.php +++ b/program/lib/Roundcube/rcube_washtml.php @@ -306,7 +306,7 @@ $dump = ''; do { - switch($node->nodeType) { + switch ($node->nodeType) { case XML_ELEMENT_NODE: //Check element $tagName = strtolower($node->tagName); if ($callback = $this->handlers[$tagName]) { @@ -338,14 +338,9 @@ case XML_HTML_DOCUMENT_NODE: $dump .= $this->dumpHtml($node, $level); break; - - case XML_DOCUMENT_TYPE_NODE: - break; - - default: - $dump .= '<!-- node type ' . $node->nodeType . ' -->'; } - } while($node = $node->nextSibling); + } + while($node = $node->nextSibling); return $dump; } -- Gitblit v1.9.1