From 676bb189f81c8eecc9e50516ae08809f1a941966 Mon Sep 17 00:00:00 2001
From: ebullient <ebullient@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Date: Mon, 10 Mar 2003 07:08:15 +0000
Subject: [PATCH] Fix some interesting behavior when adding a signature to a
 message that included personal names with quotes in them. I stumbled on to
 this, and Jon pointed out it was actually an XSS bug. Whee. ;)

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@4628 7612ce4b-ef26-0410-bec9-ea0150e637f0
---
 src/compose.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/compose.php b/src/compose.php
index c594a679..22a70278 100644
--- a/src/compose.php
+++ b/src/compose.php
@@ -853,6 +853,10 @@ function showInputForm ($session, $values=false) {
        $mailprio = $values['mailprio'];
        $body = $values['body'];
        $identity = (int) $values['identity'];
+    } else {
+       $send_to = decodeHeader($send_to);
+       $send_to_cc = decodeHeader($send_to_cc);
+       $send_to_bcc = decodeHeader($send_to_bcc);
     }
     
     if ($use_javascript_addr_book) {
-- 
2.25.1