37 Commits

Author SHA1 Message Date
Aleksander Machniak
47d9ed6d0c Add support for PHPUnit 6 and 7 (#6870)
Fixes composer dependencies: Package phpunit/phpunit-mock-objects is abandoned

We cannot support v8 yet because of errors like:
Declaration of MailFunc::setUp() must be compatible with PHPUnit\Framework\TestCase::setUp(): void
It would require dropping PHP < 7.1 support.
2019-12-28 09:37:45 +01:00
Aleksander Machniak
cf90c69ad7 Fix bug where 'text' attribute on body tag was ignored when displaying HTML message (#7109) 2019-12-14 17:42:55 +01:00
Aleksander Machniak
21ebf3ff5a Fix bug where it was possible to bypass href URI check with data:application/xhtml+xml URIs (#6896) 2019-08-27 15:57:47 +02:00
Aleksander Machniak
55cca61134 Workaround more invalid HTML cases parsed incorrectly by Masterminds/HTML5 (#6713) 2019-04-28 12:43:10 +02:00
Aleksander Machniak
92ed0154d5 Followup fix on handling HTML content w/o html/head/body tag (#6713) 2019-04-15 09:25:12 +02:00
Aleksander Machniak
03d56926d8 Fix bug in HTML parser that could cause missing text fragments when there was no head/body tag (#6713) 2019-04-14 09:53:02 +02:00
dsoares
00cc13a1b9 Fix bug where HTML messages with a xml:namespace tag were not rendered. 2019-03-26 15:10:43 +00:00
Aleksander Machniak
0a0ac045fe Fix bug where valid content between HTML comments could have been skipped in some cases (#6464) 2018-09-27 16:00:54 +02:00
Aleksander Machniak
086e781b8f Fix bug where some HTML comments could have been malformed by HTML parser (#6333) 2018-06-22 14:16:20 +02:00
Aleksander Machniak
0716d499bc Fix bug where some escape sequences in html styles could bypass security checks 2018-05-05 17:12:18 +02:00
Aleksander Machniak
63d3ad11fb Use Masterminds/HTML5 parser for HTML5 support (#5761) 2018-04-21 13:14:42 +02:00
Aleksander Machniak
5e08a6ac59 Handle remote stylesheets the same as remote images, ask the user to allow them (#5994)
Fixes the issue where remote stylesheet could have been blocked
if the message contained no remote images and user has no way to
allow that content.
2017-10-13 12:48:13 +02:00
Aleksander Machniak
3196d656db Fix css conflicts in user interface and e-mail content (#5891)
... by adding prefix to element/class identifiers
Also cleaned up some code and removed global variable use.
2017-10-12 10:48:54 +02:00
Thomas Bruederli
919338d4ba Escape textarea contents in Washtml 2017-08-18 09:49:54 +02:00
Aleksander Machniak
e08f22ef28 Fix bug where external content in src attribute of input/video tags was not secured (#5583) 2017-01-07 20:00:18 +01:00
Aleksander Machniak
dcabc1d814 Merge remote-tracking branch 'upstream/master'
Conflicts:
	tests/Framework/Washtml.php
2016-07-31 09:26:19 +02:00
Aleksander Machniak
bf5b3072c4 Fix MathML test on older PHP versions 2016-07-18 11:19:53 +02:00
Aleksander Machniak
edfd9da42a Support MathML in HTML message preview (#5182) 2016-07-17 11:15:37 +02:00
Aleksander Machniak
6737e293bb Wash position:fixed style in HTML mail for better security (#5264) 2016-05-29 17:09:41 +02:00
Aleksander Machniak
ca9ad75d96 Add some more tests for HREF attribute washing 2016-05-08 10:06:24 +02:00
Aleksander Machniak
6652367d65 Fix XSS issue in href attribute on area tag (#5240, #5241) 2016-05-06 08:28:15 +02:00
Aleksander Machniak
ed1d212ae2 Improved SVG cleanup code 2016-01-16 09:03:51 +01:00
Aleksander Machniak
9234903287 Fix HTML sanitizer to skip <!-- node type X --> in output (#1490583) 2015-11-05 08:46:43 +01:00
Aleksander Machniak
f4c512336d Fix "washing" of style elements wrapped into many lines 2015-08-10 10:17:05 +02:00
Aleksander Machniak
786aa0725e Fix XSS issue in style attribute handling (#1490227) 2015-01-13 09:41:41 +01:00
Aleksander Machniak
5bf83d551e Fix unintentional line-height style modification in HTML messages (#1489917) 2014-05-27 14:44:52 +02:00
Aleksander Machniak
82ed256f6e Fix incorrect handling of HTML comments in messages sanitization code (#1489904) 2014-05-20 19:25:45 +02:00
Aleksander Machniak
f96fec6b8c Fix "washing" of unicoded style attributes (#1489777) 2014-04-11 09:13:59 +02:00
Aleksander Machniak
5e3ee8418e Add test case for #1489777 2014-04-08 12:29:59 +02:00
Aleksander Machniak
68cf8f19d2 Add some tests 2014-03-18 11:12:08 +01:00
Aleksander Machniak
c7250749ab Fix issue where deprecated syntax for HTML lists was not handled properly (#1488768) 2013-12-28 19:14:51 +01:00
Aleksander Machniak
ffec857b69 Fix handling of invalid closing tags in HTML messages (#1489446) 2013-11-28 09:12:03 +01:00
Aleksander Machniak
cb3e2fe0c2 Fix displaying messages with invalid self-closing HTML tags (#1489137) 2013-05-31 15:42:22 +02:00
Aleksander Machniak
f773259412 Fix washtml test after "unsupported node type" fix 2013-05-25 20:38:04 +02:00
Aleksander Machniak
1e2468e4b9 Added two tests for HTML comments handling in rcube_washtml class 2013-03-22 10:24:32 +01:00
Aleksander Machniak
1f910cb50d Fix handling link href attribute value with (valid) newline characters (#1488940) 2013-02-01 20:04:00 +01:00
Aleksander Machniak
7ac94421bf Move washtml class into Roundcube Framework (rcube_washtml), add some improvements 2012-12-25 18:06:17 +01:00