[Svn] [roundcube/roundcubemail] 919338: Escape textarea contents in Washtml

GitHub noreply at github.com
Fri Aug 18 09:55:53 CEST 2017


  Branch: refs/heads/master
  Home:   https://github.com/roundcube/roundcubemail
  Commit: 919338d4ba89f1bed95670c88e2b3b132232ef1b
      https://github.com/roundcube/roundcubemail/commit/919338d4ba89f1bed95670c88e2b3b132232ef1b
  Author: Thomas Bruederli <thomas at roundcube.net>
  Date:   2017-08-18 (Fri, 18 Aug 2017)

  Changed paths:
    M program/lib/Roundcube/rcube_washtml.php
    M tests/Framework/Washtml.php

  Log Message:
  -----------
  Escape textarea contents in Washtml


  Commit: 1cfc024036ce24e1f80c9285cd98995996856012
      https://github.com/roundcube/roundcubemail/commit/1cfc024036ce24e1f80c9285cd98995996856012
  Author: Thomas Bruederli <thomas at roundcube.net>
  Date:   2017-08-18 (Fri, 18 Aug 2017)

  Changed paths:
    M program/steps/mail/func.inc
    M tests/MailFunc.php

  Log Message:
  -----------
  Modify links in html messages during Washtml DOM traversal

This is a more safe approach than using regex and mitigates
possible vulnerabilities using malformed html markup.


  Commit: 0463a9ab2f29888eac4f68ad3d53217fdd5d1cc0
      https://github.com/roundcube/roundcubemail/commit/0463a9ab2f29888eac4f68ad3d53217fdd5d1cc0
  Author: Thomas Bruederli <thomas at roundcube.net>
  Date:   2017-08-18 (Fri, 18 Aug 2017)

  Changed paths:
    M CHANGELOG

  Log Message:
  -----------
  Update changelog


Compare: https://github.com/roundcube/roundcubemail/compare/3918cb1d3218...0463a9ab2f29


More information about the svn mailing list