From f9cabaf874993959d6cc26095e153b074ffcb375 Mon Sep 17 00:00:00 2001
From: teepe <teepe@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Date: Sun, 24 Feb 2002 21:58:51 +0000
Subject: [PATCH] I applied the patch proposed in (patch #516542)
 https://sourceforge.net/tracker/index.php?func=detail&aid=516542&group_id=311&atid=300311

please all: be alert whether as to stripping dangerous html is still fully functional


git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@2513 7612ce4b-ef26-0410-bec9-ea0150e637f0
---
 ChangeLog          | 1 +
 functions/mime.php | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index a6c0e5d6..5eaa2473 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,7 @@ Version 1.2.6 -- CVS
 --------------------
   - Fixed resume draft bug #513521, #514639
   - Newmail plugin: admin can disablethe use of audio (patch #517698)
+  - Fixed quoting problem in safe html (patch #516542)
 	
 Version 1.2.5 -- 22 February 2002
 ---------------------------------
diff --git a/functions/mime.php b/functions/mime.php
index 6973c86e..92927d68 100644
--- a/functions/mime.php
+++ b/functions/mime.php
@@ -1168,10 +1168,12 @@ function stripEvent( &$i, $j, &$body, $id, $base ) {
                     $src .= $body{$k};
                     $k++;
                 }
+                $k++;
                 while( !isNoSep( $body{$k} ) &&
                        $k < $j ) {
                     $k++;
                 }
+                $k++;
                 if ( strtolower( substr( $src, 0, 4 ) ) == 'cid:' ) {
                     $src = substr( $src, 4 );
                     $src = "../src/download.php?absolute_dl=true&amp;passed_id=$id&amp;mailbox=" .
-- 
2.25.1