From 1d935bc2c1b95c85bebc533b1422e9fd63187146 Mon Sep 17 00:00:00 2001
From: kink <kink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Date: Thu, 23 Feb 2006 13:50:08 +0000
Subject: [PATCH] also need to get u\rl outside of style blocks; do not try to
 correct them since they are obviously malicious

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@10817 7612ce4b-ef26-0410-bec9-ea0150e637f0
---
 functions/mime.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/functions/mime.php b/functions/mime.php
index 14ad942c..f3319390 100644
--- a/functions/mime.php
+++ b/functions/mime.php
@@ -2164,6 +2164,7 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX', $take_mailto_links
                     "/behaviou*r/i",
                     "/include-source/i",
                     "/position\s*:\s*absolute/i",
+                    "/(\\\\)?u(\\\\)?r(\\\\)?l(\\\\)?/i",
                     "/url\s*\(\s*([\'\"])\s*\S+script\s*:.*([\'\"])\s*\)/si",
                     "/url\s*\(\s*([\'\"])\s*mocha\s*:.*([\'\"])\s*\)/si",
                     "/url\s*\(\s*([\'\"])\s*about\s*:.*([\'\"])\s*\)/si",
@@ -2176,6 +2177,7 @@ function magicHTML($body, $id, $message, $mailbox = 'INBOX', $take_mailto_links
                     "idiocy",
                     "idiocy",
                     "",
+                    "idiocy",
                     "url(\\1#\\1)",
                     "url(\\1#\\1)",
                     "url(\\1#\\1)",
-- 
2.25.1