Mirrors/roundcubemail
2
0
Fork 0
mirror of https://github.com/roundcube/roundcubemail.git synced 2026-03-07 00:26:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,344 Commits 72 Branches 205 Tags
editorconfig-javascript
Commit Graph

103 Commits

Author SHA1 Message Date
Aleksander Machniak
bf34e8cf9c Fix performance issue of parsing big HTML messages by disabling HTML5 parser for these (#7331) 2020-04-22 12:33:34 +02:00
Aleksander Machniak
cf90c69ad7 Fix bug where 'text' attribute on body tag was ignored when displaying HTML message (#7109) 2019-12-14 17:42:55 +01:00
Aleksander Machniak
21ebf3ff5a Fix bug where it was possible to bypass href URI check with data:application/xhtml+xml URIs (#6896) 2019-08-27 15:57:47 +02:00
Aleksander Machniak
1afa46d28d PHPDoc and CS fixes 2019-08-25 14:15:09 +02:00
Aleksander Machniak
55cca61134 Workaround more invalid HTML cases parsed incorrectly by Mastermind/HTML5 (#6713) 2019-04-28 12:43:10 +02:00
Aleksander Machniak
57c67db029 Remove year(s) from copyright headers + some cleanup 2019-04-16 10:42:45 +02:00
Aleksander Machniak
92ed0154d5 Followup fix on handling HTML content w/o html/head/body tag (#6713) 2019-04-15 09:25:12 +02:00
Aleksander Machniak
03d56926d8 Fix bug in HTML parser that could cause missing text fragments when there was no head/body tag (#6713) 2019-04-14 09:53:02 +02:00
dsoares
00cc13a1b9 Fix bug where HTML messages with a xml:namespace tag were not rendered. 2019-03-26 15:10:43 +00:00
Aleksander Machniak
0a0ac045fe Fix bug where valid content between HTML comments could have been skipped in some cases (#6464) 2018-09-27 16:00:54 +02:00
Aleksander Machniak
4310046993 Remove redundant trim() 2018-09-17 08:37:38 +02:00
Aleksander Machniak
c28242f63c Log errors caused by low pcre.backtrack_limit when sending a mail message (#6433) 2018-09-14 13:37:19 +02:00
Aleksander Machniak
086e781b8f Fix bug where some HTML comments could have been malformed by HTML parser (#6333) 2018-06-22 14:16:20 +02:00
Aleksander Machniak
0716d499bc Fix bug where some escape sequences in html styles could bypass security checks 2018-05-05 17:12:18 +02:00
Aleksander Machniak
63d3ad11fb Use Masterminds/HTML5 parser for HTML5 support (#5761) 2018-04-21 13:14:42 +02:00
Aleksander Machniak
73ea8f94d0 Use htmlspecialchars() with charset argument, simplify some code 2018-04-03 15:29:59 +02:00
Aleksander Machniak
9d2b303b51 Fix bug in remote content blocking on HTML image and style tags (#6178) 2018-02-14 20:19:32 +01:00
Aleksander Machniak
5e08a6ac59 Handle remote stylesheets the same as remote images, ask the user to allow them (#5994) 
Fixes the issue where remote stylesheet could have been blocked
if the message contained no remote images and user have no way to
allow that content.
 2017-10-13 12:48:13 +02:00
Aleksander Machniak
3196d656db Fix css conflicts in user interface and e-mail content (#5891) 
... by adding prefix to element/class identifiers
Also cleaned up some code and removed global variable use.
 2017-10-12 10:48:54 +02:00
Aleksander Machniak
72fe97ddfc Fix bug where HTML messages could have been rendered empty on some systems (#5957) 
Consistently use $nodeName instead of $tagName property.
 2017-09-17 08:44:08 +02:00
Thomas Bruederli
919338d4ba Escape textarea contents in Washtml 2017-08-18 09:49:54 +02:00
Aleksander Machniak
e08f22ef28 Fix bug where external content in src attribute of input/video tags was not secured (#5583) 2017-01-07 20:00:18 +01:00
Aleksander Machniak
dcabc1d814 Merge remote-tracking branch 'upstream/master' 
Conflicts:
	tests/Framework/Washtml.php
 2016-07-31 09:26:19 +02:00
Aleksander Machniak
edfd9da42a Support MathML in HTML message preview (#5182) 2016-07-17 11:15:37 +02:00
Aleksander Machniak
6737e293bb Wash position:fixed style in HTML mail for better security (#5264) 2016-05-29 17:09:41 +02:00
Aleksander Machniak
6652367d65 Fix XSS issue in href attribute on area tag (#5240, #5241) 2016-05-06 08:28:15 +02:00
Aleksander Machniak
0e77b6f1b3 Fix regression where xml mode could be used to parse xhtml messages causing empty result 2016-01-20 08:44:31 +01:00
Aleksander Machniak
ed1d212ae2 Improved SVG cleanup code 2016-01-16 09:03:51 +01:00
Aleksander Machniak
023d3eb031 Refactor wash_attribs() - fix regressions 2016-01-12 13:57:30 +01:00
Aleksander Machniak
a1fdb205f8 Extend rcube_washtml with SVG support 2016-01-09 18:26:09 +01:00
Aleksander Machniak
9234903287 Fix HTML sanitizer to skip <!-- node type X --> in output (#1490583) 2015-11-05 08:46:43 +01:00
Aleksander Machniak
f4c512336d Fix "washing" of style elements wrapped into many lines 2015-08-10 10:17:05 +02:00
Aleksander Machniak
a958748947 CS fixes 2015-06-07 15:26:33 +02:00
Aleksander Machniak
759566fe99 Fix parsing invalid HTML messages with BOM after <!DOCTYPE> (#1490291) 2015-02-27 09:13:39 +01:00
Aleksander Machniak
786aa0725e Fix XSS issue in style attribute handling (#1490227) 2015-01-13 09:41:41 +01:00
Aleksander Machniak
7b924535fd CS fixes 2015-01-03 13:59:07 +01:00
Aleksander Machniak
75bbada03b Remove code for PHP<5.3, use PHP_VERSION_ID instead of version_compare() for version checks 2014-08-24 11:23:33 +02:00
Aleksander Machniak
c5bfe69e21 Improved video support, all tinymce related resources moved to program/js/tinymce/roundcube dir 2014-06-04 18:42:57 +02:00
Aleksander Machniak
5bf83d551e Fix unintentional line-height style modification in HTML messages (#1489917) 2014-05-27 14:44:52 +02:00
Aleksander Machniak
82ed256f6e Fix incorrect handling of HTML comments in messages sanitization code (#1489904) 2014-05-20 19:25:45 +02:00
Aleksander Machniak
f96fec6b8c Fix "washing" of unicoded style attributes (#1489777) 2014-04-11 09:13:59 +02:00
Aleksander Machniak
c77a8497e7 Fix again xdebug.max_nesting_level limit handling (#1489110) 2014-04-05 09:25:57 +02:00
Aleksander Machniak
c0dda0556c Allow single quote in style attribute values. 
E.g. "font-family: 'Tahoma'" should not be removed.
 2014-01-24 11:22:02 +01:00
Aleksander Machniak
c7250749ab Fix issue where deprecated syntax for HTML lists was not handled properly (#1488768) 2013-12-28 19:14:51 +01:00
Aleksander Machniak
ffec857b69 Fix handling of invalid closing tags in HTML messages (#1489446) 2013-11-28 09:12:03 +01:00
Aleksander Machniak
af79a7b837 Fixed issues where HTML comments inside style tag would hang Internet Explorer 2013-10-04 09:40:37 +02:00
Aleksander Machniak
bfd24fcc04 Use DOMDocument LIBXML_PARSEHUGE and LIBXML_COMPACT options if possible (#1489302) 2013-10-02 13:15:29 +02:00
rodrigo
b6a640bdc9 replaces smart quotes with regular quotes. Fixes improper doctype declarations in html emails 2013-07-24 14:52:45 -07:00
Aleksander Machniak
cb3e2fe0c2 Fix displaying messages with invalid self-closing HTML tags (#1489137) 2013-05-31 15:42:22 +02:00
Aleksander Machniak
a8994090bb Fix fatal error when xdebug.max_nesting_level was exceeded in rcube_washtml (#1489110) 2013-05-24 09:19:57 +02:00