From: pdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Date: Tue, 27 Nov 2007 11:22:32 +0000 (+0000)
Subject: Make mailto: links work when viewing HTML messages.  Security folks, can this be... 
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=d75e755b837a8e9b58baa202ee91f3db7aeac81f;p=squirrelmail.git

Make mailto: links work when viewing HTML messages.  Security folks, can this be exploited?

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@12789 7612ce4b-ef26-0410-bec9-ea0150e637f0
---

diff --git a/functions/mime.php b/functions/mime.php
index 6112e3c6..d1511d22 100644
--- a/functions/mime.php
+++ b/functions/mime.php
@@ -1847,6 +1847,7 @@ function sq_fix_url($attname, &$attvalue, $message, $id, $mailbox,$sQuote = '"')
             $aUrl = parse_url($attvalue);
             if (isset($aUrl['scheme'])) {
                 switch(strtolower($aUrl['scheme'])) {
+                    case 'mailto':
                     case 'http':
                     case 'https':
                     case 'ftp':