From 3c26e04c52b125561766a7e5216871f273889683 Mon Sep 17 00:00:00 2001
From: Francis Lachapelle <flachapelle@inverse.ca>
Date: Thu, 13 Jan 2022 17:03:57 -0500
Subject: [PATCH] fix(mail(html)): remove "rel" attribute from sanitized HTML
 mails

We already add the rel="noopener" to external links, so it's probably
safe to remove it from all tags.
---
 UI/MailPartViewers/UIxMailPartHTMLViewer.m | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/UI/MailPartViewers/UIxMailPartHTMLViewer.m b/UI/MailPartViewers/UIxMailPartHTMLViewer.m
index 7c4f7a95e..be794fa67 100644
--- a/UI/MailPartViewers/UIxMailPartHTMLViewer.m
+++ b/UI/MailPartViewers/UIxMailPartHTMLViewer.m
@@ -538,6 +538,10 @@ _xmlCharsetForCharset (NSString *charset)
                   if ([lowerValue rangeOfString: @"url"].location != NSNotFound)
                     name = [NSString stringWithFormat: @"unsafe-%@", name];
                 }
+	      else if ([name isEqualToString: @"rel"])
+		{
+		  skipAttribute = YES;
+		}
 	      else if ([name hasPrefix: @"on"])
 		{
                   // on Events