Security fixes
This commit is contained in:
parent
12a2f324b2
commit
34ab65fc80
3 changed files with 33 additions and 5 deletions
|
@ -437,6 +437,17 @@ class HtmlUtils
|
|||
\MailSo\Base\HtmlUtils::FindLinksInDOM($oDom);
|
||||
}
|
||||
|
||||
$aNodes = $oDom->getElementsByTagName('*');
|
||||
foreach ($aNodes as /* @var $oElement \DOMElement */ $oElement)
|
||||
{
|
||||
if (\in_array(\strtolower($oElement->tagName), array('svg', 'head', 'link',
|
||||
'base', 'meta', 'title', 'style', 'script', 'bgsound', 'keygen', 'source',
|
||||
'object', 'embed', 'applet', 'mocha', 'iframe', 'frame', 'frameset', 'video', 'audio')) && isset($oElement->parentNode))
|
||||
{
|
||||
@$oElement->parentNode->removeChild($oElement);
|
||||
}
|
||||
}
|
||||
|
||||
$aNodes = $oDom->getElementsByTagName('*');
|
||||
foreach ($aNodes as /* @var $oElement \DOMElement */ $oElement)
|
||||
{
|
||||
|
@ -524,7 +535,8 @@ class HtmlUtils
|
|||
// }
|
||||
|
||||
foreach (array(
|
||||
'id', 'class', 'contenteditable', 'designmode', 'formaction', 'data-bind', 'xmlns'
|
||||
'id', 'class', 'contenteditable', 'designmode', 'formaction', 'data-bind', 'xmlns',
|
||||
'srcset'
|
||||
) as $sAttr)
|
||||
{
|
||||
@$oElement->removeAttribute($sAttr);
|
||||
|
@ -552,6 +564,8 @@ class HtmlUtils
|
|||
|
||||
if ($oElement->hasAttribute('src'))
|
||||
{
|
||||
// file_put_contents('f:/fff', $oElement->getAttribute('src')."\r\n", FILE_APPEND);
|
||||
|
||||
$sSrc = \trim($oElement->getAttribute('src'));
|
||||
$oElement->removeAttribute('src');
|
||||
|
||||
|
|
|
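Review bot: The element-removal loop in the first hunk (`$aNodes = $oDom->getElementsByTagName('*')` through the `@$oElement->parentNode->removeChild($oElement)` call, which the hunk counts of +11/-0 suggest is the added block) appears to remove nodes from the live `DOMNodeList` it is iterating, so each removal shifts the next element in document order into the current index and that element is skipped; a blocked element that immediately follows another blocked element can therefore survive, and the `@` on `removeChild` hides any DOMException that would have flagged trouble. Iterate a snapshot instead, `foreach (\iterator_to_array($aNodes, false) as /* @var $oElement \DOMElement */ $oElement)`, or walk the list in reverse, and drop the `@`. The tag check is a blocklist compared with a non-strict `\in_array`; an allowlist of permitted element names is the more robust shape for a sanitizer, and `\in_array(\strtolower($oElement->tagName), array(...), true)` should be used either way. The enclosing method starts and ends outside the hunks shown.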
@ -1043,8 +1043,19 @@ class Utils
|
|||
*/
|
||||
public static function ClearFileName($sFileName)
|
||||
{
|
||||
return \preg_replace('/[\s]+/', ' ',
|
||||
\str_replace(array('"', '/', '\\', '*', '?', '<', '>', '|', ':'), ' ', $sFileName));
|
||||
return \MailSo\Base\Utils::ClearNullBite(\preg_replace('/[\s]+/', ' ',
|
||||
\str_replace(array('"', '/', '\\', '*', '?', '<', '>', '|', ':'), ' ', $sFileName)));
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $sValue
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public static function ClearXss($sValue)
|
||||
{
|
||||
return \MailSo\Base\Utils::ClearNullBite(
|
||||
\str_replace(array('"', '/', '\\', '*', '?', '<', '>', '|', ':'), ' ', $sValue));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
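Review bot: `ClearXss` strips only the nine characters in its `\str_replace` list plus whatever `ClearNullBite` removes (presumably null bytes; it is not shown here) and leaves everything else intact, so its name overstates what it does — it is not an HTML or attribute encoder — and the new docblock should state the contract before another caller relies on it for output escaping. Suggested docblock body: `Replaces the characters " / \ * ? < > | : with spaces and removes null bytes; intended for file names and similar header values, not for HTML output, which must still be escaped at the rendering layer.` The same character list now appears twice in this class; `ClearFileName` could delegate, `return \preg_replace('/[\s]+/', ' ', \MailSo\Base\Utils::ClearXss($sFileName));`, which differs from the committed order only when a null byte sits between two whitespace runs (the delegating form collapses them, which looks like the intended result). The class continues outside the hunk.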
@ -6992,9 +6992,11 @@ class Actions
|
|||
'Folder' => $mResult['Folder'],
|
||||
'Uid' => $mResult['Uid'],
|
||||
'MimeType' => 'message/rfc822',
|
||||
'FileName' => (0 === \strlen($sSubject) ? 'message-'.$mResult['Uid'] : $sSubject).'.eml'
|
||||
'FileName' => (0 === \strlen($sSubject) ? 'message-'.$mResult['Uid'] : \MailSo\Base\Utils::ClearXss($sSubject)).'.eml'
|
||||
));
|
||||
|
||||
|
||||
|
||||
// Flags
|
||||
$aFlags = $mResponse->FlagsLowerCase();
|
||||
$mResult['IsSeen'] = \in_array('\\seen', $aFlags);
|
||||
|
@ -7177,7 +7179,8 @@ class Actions
|
|||
'Uid' => (string) $mResponse->Uid(),
|
||||
'MimeIndex' => (string) $mResponse->MimeIndex(),
|
||||
'MimeType' => $mResponse->MimeType(),
|
||||
'FileName' => $mResponse->FileName(true),
|
||||
'FileName' => \MailSo\Base\Utils::ClearFileName(
|
||||
\MailSo\Base\Utils::ClearXss($mResponse->FileName(true))),
|
||||
'EstimatedSize' => $mResponse->EstimatedSize(),
|
||||
'CID' => $mResponse->Cid(),
|
||||
'ContentLocation' => $mResponse->ContentLocation(),
|
||||
|
|
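Review bot: In the first hunk the empty-subject test `0 === \strlen($sSubject)` still runs on the raw subject while the file name is built from `ClearXss($sSubject)`, so a subject consisting only of the stripped characters yields a name of spaces followed by `.eml`; unlike the second hunk the value is also not passed through `ClearFileName`, so whitespace runs are not collapsed. Compute the cleaned value once and test that: `$sCleanSubject = \trim(\MailSo\Base\Utils::ClearFileName(\MailSo\Base\Utils::ClearXss($sSubject)));` followed by `'FileName' => (0 === \strlen($sCleanSubject) ? 'message-'.$mResult['Uid'] : $sCleanSubject).'.eml'`. The array literal and the method that builds it start outside the hunk, and the assignment of `$sSubject` is not visible here.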