Fix for bug #2721
parent
49363cfe36
commit
619cb2c0ec
1
NEWS
1
NEWS
|
@ -20,6 +20,7 @@ Bug fixes
|
||||||
- fixed wrong generation of weekly repetitive events with ActiveSync (#2654)
|
- fixed wrong generation of weekly repetitive events with ActiveSync (#2654)
|
||||||
- fixed incorrect XML data conversion with ActiveSync (#2695)
|
- fixed incorrect XML data conversion with ActiveSync (#2695)
|
||||||
- fixed display of events having a category with HTML entities (#2703)
|
- fixed display of events having a category with HTML entities (#2703)
|
||||||
|
- fixed display of images in CSS background (#2437)
|
||||||
|
|
||||||
2.2.3 (2014-04-03)
|
2.2.3 (2014-04-03)
|
||||||
------------------
|
------------------
|
||||||
|
|
|
@ -559,6 +559,13 @@ static NSData* _sanitizeContent(NSData *theData)
|
||||||
&& ![value hasPrefix: @"mailto:"]
|
&& ![value hasPrefix: @"mailto:"]
|
||||||
&& ![value hasPrefix: @"#"]);
|
&& ![value hasPrefix: @"#"]);
|
||||||
}
|
}
|
||||||
|
// Avoid: <div style="background:url('http://www.sogo.nu/fileadmin/sogo/logos/sogo.bts.png' ); width: 200px; height: 200px;" title="ssss">
|
||||||
|
else if ([name isEqualToString: @"style"])
|
||||||
|
{
|
||||||
|
value = [_attributes valueAtIndex: count];
|
||||||
|
if ([value rangeOfString: @"url" options: NSCaseInsensitiveSearch].location != NSNotFound)
|
||||||
|
name = [NSString stringWithFormat: @"unsafe-%@", name];
|
||||||
|
}
|
||||||
else if (
|
else if (
|
||||||
// Mouse Events
|
// Mouse Events
|
||||||
[name isEqualToString: @"onclick"] ||
|
[name isEqualToString: @"onclick"] ||
|
||||||
|
@ -594,12 +601,13 @@ static NSData* _sanitizeContent(NSData *theData)
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
value = [_attributes valueAtIndex: count];
|
value = [_attributes valueAtIndex: count];
|
||||||
|
|
||||||
if (!skipAttribute)
|
if (!skipAttribute)
|
||||||
[resultPart appendFormat: @" %@=\"%@\"",
|
[resultPart appendFormat: @" %@=\"%@\"",
|
||||||
name, [value stringByReplacingString: @"\""
|
name, [value stringByReplacingString: @"\""
|
||||||
withString: @"\\\""]];
|
withString: @"\\\""]];
|
||||||
}
|
}
|
||||||
|
|
||||||
if ([VoidTags containsObject: lowerName])
|
if ([VoidTags containsObject: lowerName])
|
||||||
[resultPart appendString: @"/"];
|
[resultPart appendString: @"/"];
|
||||||
[resultPart appendString: @">"];
|
[resultPart appendString: @">"];
|
||||||
|
@ -686,16 +694,16 @@ static NSData* _sanitizeContent(NSData *theData)
|
||||||
[self _appendStyle: _chars length: _len];
|
[self _appendStyle: _chars length: _len];
|
||||||
else if (inBody)
|
else if (inBody)
|
||||||
{
|
{
|
||||||
NSString *tmpString;
|
NSString *s;
|
||||||
|
|
||||||
tmpString = [NSString stringWithCharacters: _chars length: _len];
|
s = [NSString stringWithCharacters: _chars length: _len];
|
||||||
|
|
||||||
// HACK: This is to avoid appending the useless junk in the <html> tag
|
// HACK: This is to avoid appending the useless junk in the <html> tag
|
||||||
// that Outlook adds. It seems to confuse the XML parser for
|
// that Outlook adds. It seems to confuse the XML parser for
|
||||||
// forwarded messages as we get this in the _body_ of the email
|
// forwarded messages as we get this in the _body_ of the email
|
||||||
// while we really aren't in it!
|
// while we really aren't in it!
|
||||||
if (![tmpString hasPrefix: @" xmlns:v=\"urn:schemas-microsoft-com:vml\""])
|
if (![s hasPrefix: @" xmlns:v=\"urn:schemas-microsoft-com:vml\""])
|
||||||
[result appendString: [tmpString stringByEscapingHTMLString]];
|
[result appendString: [s stringByEscapingHTMLString]];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1260,7 +1260,7 @@ function configureLoadImagesButton() {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
var content = $("messageContent");
|
var content = $("messageContent");
|
||||||
var unsafeElements = content.select('[unsafe-src], [unsafe-data], [unsafe-classid], [unsafe-background]');
|
var unsafeElements = content.select('[unsafe-src], [unsafe-data], [unsafe-classid], [unsafe-background], [unsafe-style]');
|
||||||
if (unsafeElements.length == 0) {
|
if (unsafeElements.length == 0) {
|
||||||
loadImagesButton.setStyle({ display: 'none' });
|
loadImagesButton.setStyle({ display: 'none' });
|
||||||
}
|
}
|
||||||
|
@ -1560,7 +1560,7 @@ function loadRemoteImages() {
|
||||||
var content = $("messageContent");
|
var content = $("messageContent");
|
||||||
if (content.hiddenElements) {
|
if (content.hiddenElements) {
|
||||||
$(content.hiddenElements).each(function(element) {
|
$(content.hiddenElements).each(function(element) {
|
||||||
['src', 'data', 'classid', 'background'].each(function(attr) {
|
['src', 'data', 'classid', 'background', 'style'].each(function(attr) {
|
||||||
var unsafeAttr = element.readAttribute('unsafe-' + attr);
|
var unsafeAttr = element.readAttribute('unsafe-' + attr);
|
||||||
if (unsafeAttr) {
|
if (unsafeAttr) {
|
||||||
log ('unsafe ' + attr + ': ' + unsafeAttr);
|
log ('unsafe ' + attr + ': ' + unsafeAttr);
|
||||||
|
|
Loading…
Reference in New Issue