|
@@ -1340,9 +1340,9 @@ function sq_fixstyle($message, $id, $content){
|
|
* Fix stupid css declarations which lead to vulnerabilities
|
|
* Fix stupid css declarations which lead to vulnerabilities
|
|
* in IE.
|
|
* in IE.
|
|
*/
|
|
*/
|
|
- $match = Array('/expression/si',
|
|
|
|
- '/behaviou*r/si',
|
|
|
|
- '/binding/si');
|
|
|
|
|
|
+ $match = Array('/expression/i',
|
|
|
|
+ '/behaviou*r/i',
|
|
|
|
+ '/binding/i');
|
|
$replace = Array('idiocy', 'idiocy', 'idiocy');
|
|
$replace = Array('idiocy', 'idiocy', 'idiocy');
|
|
$content = preg_replace($match, $replace, $content);
|
|
$content = preg_replace($match, $replace, $content);
|
|
return $content;
|
|
return $content;
|
|
@@ -1644,10 +1644,10 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX') {
|
|
"/^src|background/i" =>
|
|
"/^src|background/i" =>
|
|
Array(
|
|
Array(
|
|
Array(
|
|
Array(
|
|
- "|^([\'\"])\s*\.\./.*([\'\"])|i",
|
|
|
|
- "/^([\'\"])\s*\S+script\s*:.*([\'\"])/i",
|
|
|
|
- "/^([\'\"])\s*mocha\s*:*.*([\'\"])/i",
|
|
|
|
- "/^([\'\"])\s*about\s*:.*([\'\"])/i"
|
|
|
|
|
|
+ "|^([\'\"])\s*\.\./.*([\'\"])|si",
|
|
|
|
+ "/^([\'\"])\s*\S+script\s*:.*([\'\"])/si",
|
|
|
|
+ "/^([\'\"])\s*mocha\s*:*.*([\'\"])/si",
|
|
|
|
+ "/^([\'\"])\s*about\s*:.*([\'\"])/si"
|
|
),
|
|
),
|
|
Array(
|
|
Array(
|
|
"\\1$secremoveimg\\2",
|
|
"\\1$secremoveimg\\2",
|
|
@@ -1659,10 +1659,10 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX') {
|
|
"/^href|action/i" =>
|
|
"/^href|action/i" =>
|
|
Array(
|
|
Array(
|
|
Array(
|
|
Array(
|
|
- "|^([\'\"])\s*\.\./.*([\'\"])|i",
|
|
|
|
- "/^([\'\"])\s*\S+script\s*:.*([\'\"])/i",
|
|
|
|
- "/^([\'\"])\s*mocha\s*:*.*([\'\"])/i",
|
|
|
|
- "/^([\'\"])\s*about\s*:.*([\'\"])/i"
|
|
|
|
|
|
+ "|^([\'\"])\s*\.\./.*([\'\"])|si",
|
|
|
|
+ "/^([\'\"])\s*\S+script\s*:.*([\'\"])/si",
|
|
|
|
+ "/^([\'\"])\s*mocha\s*:*.*([\'\"])/si",
|
|
|
|
+ "/^([\'\"])\s*about\s*:.*([\'\"])/si"
|
|
),
|
|
),
|
|
Array(
|
|
Array(
|
|
"\\1#\\2",
|
|
"\\1#\\2",
|
|
@@ -1671,16 +1671,16 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX') {
|
|
"\\1#\\2"
|
|
"\\1#\\2"
|
|
)
|
|
)
|
|
),
|
|
),
|
|
- "/^style/si" =>
|
|
|
|
|
|
+ "/^style/i" =>
|
|
Array(
|
|
Array(
|
|
Array(
|
|
Array(
|
|
- "/expression/si",
|
|
|
|
- "/binding/si",
|
|
|
|
- "/behaviou*r/si",
|
|
|
|
- "|url\(([\'\"])\s*\.\./.*([\'\"])\)|i",
|
|
|
|
- "/url\(([\'\"])\s*\S+script\s*:.*([\'\"])\)/i",
|
|
|
|
- "/url\(([\'\"])\s*mocha\s*:.*([\'\"])\)/i",
|
|
|
|
- "/url\(([\'\"])\s*about\s*:.*([\'\"])\)/i"
|
|
|
|
|
|
+ "/expression/i",
|
|
|
|
+ "/binding/i",
|
|
|
|
+ "/behaviou*r/i",
|
|
|
|
+ "|url\(([\'\"])\s*\.\./.*([\'\"])\)|si",
|
|
|
|
+ "/url\(([\'\"])\s*\S+script\s*:.*([\'\"])\)/si",
|
|
|
|
+ "/url\(([\'\"])\s*mocha\s*:.*([\'\"])\)/si",
|
|
|
|
+ "/url\(([\'\"])\s*about\s*:.*([\'\"])\)/si"
|
|
),
|
|
),
|
|
Array(
|
|
Array(
|
|
"idiocy",
|
|
"idiocy",
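Review bot: The four `url\(` patterns that gain the `s` flag in the `/^style/i` list still require a quote character immediately after `url(`, so an unquoted `background:url(javascript:alert(1))` (valid CSS) is not rewritten to `idiocy` while the quoted form is; the `s` flag closes the newline bypass but leaves that one open. Unless a pass outside this hunk normalises `url()` arguments to quoted form (none is visible here), make the quote optional, e.g. `"/url\(\s*([\'\"]?)\s*\S+script\s*:.*\)/si"`, and likewise for the `\.\./`, `mocha` and `about` lines. The `mocha` pattern in this list uses `\s*:` while the `src|background` and `href|action` copies use `\s*:*`; aligning the three lists keeps them in lockstep. The `$bad_attvals` array this hunk edits begins before and ends after the hunk.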
|
|
@@ -1703,7 +1703,7 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX') {
|
|
* to false.
|
|
* to false.
|
|
*/
|
|
*/
|
|
array_push($bad_attvals{'/.*/'}{'/^src|background/i'}[0],
|
|
array_push($bad_attvals{'/.*/'}{'/^src|background/i'}[0],
|
|
- '/^([\'\"])\s*https*:.*([\'\"])/i');
|
|
|
|
|
|
+ '/^([\'\"])\s*https*:.*([\'\"])/si');
|
|
array_push($bad_attvals{'/.*/'}{'/^src|background/i'}[1],
|
|
array_push($bad_attvals{'/.*/'}{'/^src|background/i'}[1],
|
|
"\\1$secremoveimg\\2");
|
|
"\\1$secremoveimg\\2");
|
|
array_push($bad_attvals{'/.*/'}{'/^style/i'}[0],
|
|
array_push($bad_attvals{'/.*/'}{'/^style/i'}[0],
|
|
@@ -1713,7 +1713,7 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX') {
|
|
}
|
|
}
|
|
|
|
|
|
$add_attr_to_tag = Array(
|
|
$add_attr_to_tag = Array(
|
|
- "/^a$/si" => Array('target'=>'"_new"')
|
|
|
|
|
|
+ "/^a$/i" => Array('target'=>'"_new"')
|
|
);
|
|
);
|
|
$trusted = sq_sanitize($body,
|
|
$trusted = sq_sanitize($body,
|
|
$tag_list,
|
|
$tag_list,
|
|
@@ -1727,7 +1727,7 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX') {
|
|
$id,
|
|
$id,
|
|
$mailbox
|
|
$mailbox
|
|
);
|
|
);
|
|
- if (preg_match("|$secremoveimg|si", $trusted)){
|
|
|
|
|
|
+ if (preg_match("|$secremoveimg|i", $trusted)){
|
|
$has_unsafe_images = true;
|
|
$has_unsafe_images = true;
|
|
}
|
|
}
|
|
return $trusted;
|
|
return $trusted;
|