author | Aleksander Machniak <alec@alec.pl> | 2022-09-10 10:53:34 +0300 |
---|---|---|
committer | Aleksander Machniak <alec@alec.pl> | 2022-09-10 10:53:34 +0300 |
commit | 2847154cd0b11d4dead83507b8b272d8509d9aaa (patch) | |
tree | 0226cc298677bd9c86848ecdb1d3d1d197e991d9 | |
parent | 4d687f15a851d093300265fc7203807574fec3f3 (diff) |
Fix bug where multiline data:image URI's in emails were stripped from the message on display (#8613)
-rw-r--r-- | CHANGELOG.md | 1 | ||||
-rw-r--r-- | program/lib/Roundcube/rcube_washtml.php | 2 | ||||
-rw-r--r-- | tests/Framework/Washtml.php | 13 |
3 files changed, 15 insertions, 1 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 441cdc92a..90b6946c2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -21,6 +21,7 @@
 - Fix bug where setting 'Clear Trash on Logout' to 'all messages' didn't work (#8687)
 - Fix bug where the attachment menu wouldn't disappear after an action is selected (#8691)
 - Fix bug where some dialogs in an eml attachment preview would not close on mobile (#8627)
+- Fix bug where multiline data:image URI's in emails were stripped from the message on display (#8613)
 ## Release 1.6.0
diff --git a/program/lib/Roundcube/rcube_washtml.php b/program/lib/Roundcube/rcube_washtml.php
index 7a0ce8e64..78db69e0c 100644
--- a/program/lib/Roundcube/rcube_washtml.php
+++ b/program/lib/Roundcube/rcube_washtml.php
@@ -427,7 +427,7 @@ class rcube_washtml
 return $this->config['blocked_src'];
 }
 }
- else if ($is_image && preg_match('/^data:image\/([^,]+),(.+)$/i', $uri, $matches)) { // RFC2397
+ else if ($is_image && preg_match('/^data:image\/([^,]+),(.+)$/is', $uri, $matches)) { // RFC2397
 // svg images can be insecure, we'll sanitize them
 if (stripos($matches[1], 'svg') !== false) {
 $svg = $matches[2];
diff --git a/tests/Framework/Washtml.php b/tests/Framework/Washtml.php
index 399955c34..b49007fde 100644
--- a/tests/Framework/Washtml.php
+++ b/tests/Framework/Washtml.php
@@ -50,6 +50,19 @@ class Framework_Washtml extends PHPUnit\Framework\TestCase
 }
 /**
+ * Test data:image with newlines (#8613)
+ */
+ function test_data_image_with_newline()
+ {
+ $html = "<p><img src=\"data:image/png;base64,12345\n\t67890\" /></p>";
+
+ $washer = new rcube_washtml;
+ $washed = $washer->wash($html);
+
+ $this->assertSame("<p><img src=\"data:image/png;base64,12345\n\t67890\" /></p>", $this->cleanupResult($washed));
+ }
+
+ /**
 * Test XSS in area's href (#5240)
 */
 function test_href_area()
|
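Review bot: The media-type group `([^,]+)` in the changed `preg_match` is a negated class, so it accepts newlines and tabs just as the payload now does under the `s` modifier, and `$matches[1]` is what the `stripos(..., 'svg')` check below reads. Line-wrapped URIs that used to fail the match now enter this branch, so if the media type is later written back into the attribute (not visible in this hunk) it would be safer to keep whitespace out of it and let only the payload span lines, e.g. `preg_match('/^data:image\/([^,\s]+),(.+)$/is', $uri, $matches)`, assuming no legitimate sender wraps inside the media type. A short comment such as `// 's': payload may be wrapped across lines (#8613)` would record why the flag is there. The branch body continues outside the hunk.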
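Review bot: `test_data_image_with_newline()` pins only the pass-through case (`image/png`), so nothing in this hunk checks that a line-wrapped `image/svg+xml` data URI still goes through the SVG sanitising path in rcube_washtml. I would add a sibling test, for example `test_data_image_svg_with_newline()`, that washes a wrapped SVG data URI and asserts the result is the sanitised form, not the input returned verbatim. The docblock could also state the expectation being guarded, e.g. `* Non-SVG data:image URIs wrapped across lines must survive washing unchanged (#8613)`.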