Mirror
/
RoundcubeMail
mirror of https://github.com/roundcube/roundcubemail.git
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

Fix "washing" of unicoded style attributes (#1489777)

pull/176/head
Aleksander Machniak 11 years ago
parent
9155f3de2a
commit
f96fec6b8c
3 changed files with 80 additions and 32 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      CHANGELOG
  2. 99
      program/lib/Roundcube/rcube_washtml.php
  3. 12
      tests/Framework/Washtml.php

1
CHANGELOG
View File

@ -9,6 +9,7 @@ CHANGELOG Roundcube Webmail
- Removed redundant default_folders config option (#1489737)
- Implemented IMAP SPECIAL-USE extension support [RFC6154] (#1487830)
- Fix bug where "With attachment" option in search filter wasn't selected after return from mail view (#1489774)
- Fix "washing" of unicoded style attributes (#1489777)
RELEASE 1.0.0
-------------

99
program/lib/Roundcube/rcube_washtml.php
View File

@ -171,7 +171,7 @@ class rcube_washtml
*/
private function wash_style($style)
{
$s = '';
$result = array();
foreach (explode(';', $style) as $declaration) {
if (preg_match('/^\s*([a-z\-]+)\s*:\s*(.*)\s*$/i', $declaration, $match)) {
@ -179,54 +179,48 @@ class rcube_washtml
$str = $match[2];
$value = '';
while (sizeof($str) > 0 &&
preg_match('/^(url\(\s*[\'"]?([^\'"\)]*)[\'"]?\s*\)'./*1,2*/
'|rgb\(\s*[0-9]+\s*,\s*[0-9]+\s*,\s*[0-9]+\s*\)'.
'|-?[0-9.]+\s*(em|ex|px|cm|mm|in|pt|pc|deg|rad|grad|ms|s|hz|khz|%)?'.
'|#[0-9a-f]{3,6}'.
'|[a-z0-9"\', -]+'.
')\s*/i', $str, $match)
) {
if ($match[2]) {
if (($src = $this->config['cid_map'][$match[2]])
|| ($src = $this->config['cid_map'][$this->config['base_url'].$match[2]])
) {
$value .= ' url('.htmlspecialchars($src, ENT_QUOTES) . ')';
}
else if (preg_match('!^(https?:)?//[a-z0-9/._+-]+$!i', $match[2], $url)) {
if ($this->config['allow_remote']) {
$value .= ' url('.htmlspecialchars($url[0], ENT_QUOTES).')';
foreach ($this->explode_style($str) as $val) {
if (preg_match('/^url\(/i', $val)) {
if (preg_match('/^url\(\s*[\'"]?([^\'"\)]*)[\'"]?\s*\)/iu', $val, $match)) {
$url = $match[1];
if (($src = $this->config['cid_map'][$url])
|| ($src = $this->config['cid_map'][$this->config['base_url'].$url])
) {
$value .= ' url('.htmlspecialchars($src, ENT_QUOTES) . ')';
}
else {
$this->extlinks = true;
else if (preg_match('!^(https?:)?//[a-z0-9/._+-]+$!i', $url, $m)) {
if ($this->config['allow_remote']) {
$value .= ' url('.htmlspecialchars($m[0], ENT_QUOTES).')';
}
else {
$this->extlinks = true;
}
}
else if (preg_match('/^data:.+/i', $url)) { // RFC2397
$value .= ' url('.htmlspecialchars($url, ENT_QUOTES).')';
}
}
else if (preg_match('/^data:.+/i', $match[2])) { // RFC2397
$value .= ' url('.htmlspecialchars($match[2], ENT_QUOTES).')';
}
}
else {
else if (!preg_match('/^(behavior|expression)/i', $val)) {
// whitelist ?
$value .= ' ' . $match[0];
$value .= ' ' . $val;
// #1488535: Fix size units, so width:800 would be changed to width:800px
if (preg_match('/(left|right|top|bottom|width|height)/i', $cssid)
&& preg_match('/^[0-9]+$/', $match[0])
&& preg_match('/^[0-9]+$/', $val)
) {
$value .= 'px';
}
}
$str = substr($str, strlen($match[0]));
}
if (isset($value[0])) {
$s .= ($s?' ':'') . $cssid . ':' . $value . ';';
$result[] = $cssid . ':' . $value;
}
}
}
return $s;
return implode('; ', $result);
}
/**
@ -578,4 +572,49 @@ class rcube_washtml
}
}
}
/**
* Explode css style value
*/
protected function explode_style($style)
{
$style = trim($style);
// first remove comments
$pos = 0;
while (($pos = strpos($style, '/*', $pos)) !== false) {
$end = strpos($style, '*/', $pos+2);
if ($end === false) {
$style = substr($style, 0, $pos);
}
else {
$style = substr_replace($style, '', $pos, $end - $pos + 2);
}
}
$strlen = strlen($style);
$result = array();
// explode value
for ($p=$i=0; $i < $strlen; $i++) {
if (($style[$i] == "\"" || $style[$i] == "'") && $style[$i-1] != "\\") {
if ($q == $style[$i]) {
$q = false;
}
else if (!$q) {
$q = $style[$i];
}
}
if (!$q && $style[$i] == ' ' && !preg_match('/[,\(]/', $style[$i-1])) {
$result[] = substr($style, $p, $i - $p);
$p = $i + 1;
}
}
$result[] = (string) substr($style, $p);
return $result;
}
}

12
tests/Framework/Washtml.php
View File

@ -144,11 +144,19 @@ class Framework_Washtml extends PHPUnit_Framework_TestCase
function test_style_unicode()
{
$html = "<html><meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />
<body><span style='font-family:\"新細明體\",\"serif\";color:red'>令全場爆滿</span></body></html>";
<body><span style='font-family:\"新細明體\",\"serif\";color:red'>test</span></body></html>";
$washer = new rcube_washtml;
$washed = $washer->wash($html);
$this->assertRegExp('|style=\'font-family: "新細明體","serif"; color: red\'|', $washed, "Unicode chars in style attribute (#1489697)");
$this->assertRegExp('|style=\'font-family: "新細明體","serif"; color: red\'|', $washed, "Unicode chars in style attribute - quoted (#1489697)");
$html = "<html><meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />
<body><span style='font-family:新細明體;color:red'>test</span></body></html>";
$washer = new rcube_washtml;
$washed = $washer->wash($html);
$this->assertRegExp('|style="font-family: 新細明體; color: red"|', $washed, "Unicode chars in style attribute (#1489697)");
}
}
Write Preview
Loading…
Cancel
Save