one more identity action to process

[squirrelmail.git] / functions / mime.php

diff --git a/functions/mime.php b/functions/mime.php
index 7e0770077444a8f68acbd587966dacdc9641d467..a7fe59087bcb1ca40369f87151bd375bb5d2a1ea 100644 (file)
--- a/functions/mime.php
+++ b/functions/mime.php
@@ -388,7 +388,9 @@ function formatBody($imap_stream, $message, $color, $wrap_at, $ent_num, $id, $ma
                  * If we don't add html message between iframe tags,
                  * we must detect unsafe images and modify $has_unsafe_images.
                  */
-                $html_body =  magicHTML($body, $id, $message, $mailbox);
+                $html_body = magicHTML($body, $id, $message, $mailbox); 
+                // Convert character set in order to display html mails in different character set
+                $html_body = charset_decode($body_message->header->getParameter('charset'),$html_body,false,true);
 
                 // creating iframe url
                 $iframeurl=sqm_baseuri().'src/view_html.php?'
@@ -427,6 +429,12 @@ function formatBody($imap_stream, $message, $color, $wrap_at, $ent_num, $id, $ma
             } else {
                 // old way of html rendering
                 $body = magicHTML($body, $id, $message, $mailbox);
+                /**
+                 * convert character set. charset_decode does not remove html special chars 
+                 * applied by magicHTML functions and does not sanitize them second time if
+                 * fourth argument is true. 
+                 */ 
+                $body = charset_decode($body_message->header->getParameter('charset'),$body,false,true);
             }
         } else {
             translateText($body, $wrap_at,
@@ -2109,7 +2117,6 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX', $take_mailto_links
                         "\\1$secremoveimg\\2",
                         "\\1$secremoveimg\\2",
                         "\\1$secremoveimg\\2",
-                        "\\1$secremoveimg\\2"
                         )
                     ),
                 "/^href|action/i" =>
@@ -2120,7 +2127,6 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX', $take_mailto_links
                         "/^([\'\"])\s*about\s*:.*([\'\"])/si"
                         ),
                     Array(
-                        "\\1#\\1",
                         "\\1#\\1",
                         "\\1#\\1",
                         "\\1#\\1"
@@ -2148,8 +2154,6 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX', $take_mailto_links
                     "url(\\1#\\1)",
                     "url(\\1#\\1)",
                     "url(\\1#\\1)",
-                    "url(\\1#\\1)",
-                    "url(\\1#\\1)",
                     "\\1:url(\\2#\\3)"
                     )
                 )
@@ -2168,7 +2172,7 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX', $take_mailto_links
         array_push($bad_attvals{'/.*/'}{'/^src|background/i'}[1],
                 "\\1$secremoveimg\\1");
         array_push($bad_attvals{'/.*/'}{'/^style/i'}[0],
-                '/url\(([\'\"])\s*https*:.*([\'\"])\)/si');
+                '/url\([\'\"]?https?:[^\)]*[\'\"]?\)/si');
         array_push($bad_attvals{'/.*/'}{'/^style/i'}[1],
                 "url(\\1$secremoveimg\\1)");
     }