Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

[dev] [PATCH] CSS Code is displayed on top of HTML messages

5 views
Skip to first unread message

Malte Wedel

unread,
May 28, 2004, 8:00:36 AM5/28/04
to
This message is in MIME format.

---MOQ10857456597831fd43535a29503c43ef65cb98871c
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit

Hello,

I found a little bug in imp/lib/MIME/Viewer/html.php (RELENG). The code that
trys to comment out style-tags runs after the code, that converts malicious
tags to "<cleaned_tag>", where the style-tag is included. I did not look into
HEAD, but I assume it is the same there.

This is my patch. It just removes the style-tag from the malicious tags:

--- html.php.orig Fri May 28 13:35:41 2004
+++ html.php Fri May 28 13:53:40 2004
@@ -101,8 +101,7 @@
'|<([^>]*)meta|i',
'|<([^>]*)j\sa\sv\sa|i',
'|<([^>]*)object|i',
- '|<([^>]*)iframe|i',
- '|<(\s*)style|i');
+ '|<([^>]*)iframe|i');
$data = preg_replace($malicious, '<cleaned_tag', $data);

/* Comment out style/link tags. */

Regards,
Malte

---MOQ10857456597831fd43535a29503c43ef65cb98871c
Content-Type: text/plain; name="html.php.patch"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="html.php.patch"

LS0tIGh0bWwucGhwLm9yaWcgICAgICAgRnJpIE1heSAyOCAxMzozNTo0MSAyMDA0DQorKysgaHRt
bC5waHAgICAgRnJpIE1heSAyOCAxMzo1Mzo0MCAyMDA0DQpAQCAtMTAxLDggKzEwMSw3IEBADQog
ICAgICAgICAgICAgICAgICAgICAgICAgICAgJ3w8KFtePl0qKW1ldGF8aScsDQogICAgICAgICAg
ICAgICAgICAgICAgICAgICAgJ3w8KFtePl0qKWpcc2Fcc3Zcc2F8aScsDQogICAgICAgICAgICAg
ICAgICAgICAgICAgICAgJ3w8KFtePl0qKW9iamVjdHxpJywNCi0gICAgICAgICAgICAgICAgICAg
ICAgICAgICAnfDwoW14+XSopaWZyYW1lfGknLA0KLSAgICAgICAgICAgICAgICAgICAgICAgICAg
ICd8PChccyopc3R5bGV8aScpOw0KKyAgICAgICAgICAgICAgICAgICAgICAgICAgICd8PChbXj5d
KilpZnJhbWV8aScpOw0KICAgICAgICAgJGRhdGEgPSBwcmVnX3JlcGxhY2UoJG1hbGljaW91cywg
JzxjbGVhbmVkX3RhZycsICRkYXRhKTsNCg0KICAgICAgICAgLyogQ29tbWVudCBvdXQgc3R5bGUv
bGluayB0YWdzLiAqLw0K

---MOQ10857456597831fd43535a29503c43ef65cb98871c
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline


--
Horde developers mailing list - Join the hunt: http://horde.org/bounties/
Frequently Asked Questions: http://horde.org/faq/
To unsubscribe, mail: dev-uns...@lists.horde.org

---MOQ10857456597831fd43535a29503c43ef65cb98871c--

Chuck Hagenbuch

unread,
May 28, 2004, 9:56:05 AM5/28/04
to
Quoting Malte Wedel <i...@malte.de>:

> I found a little bug in imp/lib/MIME/Viewer/html.php (RELENG). The code that
> trys to comment out style-tags runs after the code, that converts malicious
> tags to "<cleaned_tag>", where the style-tag is included. I did not look into
> HEAD, but I assume it is the same there.
>
> This is my patch. It just removes the style-tag from the malicious tags:

Why do you assume this is an error?

-chuck

--
"Regard my poor demoralized mule!" - Juan Valdez

0 new messages