amorfo77/sogo
1
0
Fork 0
mirror of https://github.com/inverse-inc/sogo.git synced 2026-05-22 03:45:25 +00:00
Code Issues Projects Releases Wiki Activity

fix(mail(html)): remove "rel" attribute from sanitized HTML mails

Browse Source 
We already add the rel="noopener" to external links, so it's probably
safe to remove it from all tags.
This commit is contained in:
Francis Lachapelle
2022-01-13 17:03:57 -05:00
parent 68608c4e7f
commit 3c26e04c52
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
UI/MailPartViewers/UIxMailPartHTMLViewer.m
+4
View File
@@ -538,6 +538,10 @@ _xmlCharsetForCharset (NSString *charset)
if ([lowerValue rangeOfString: @"url"].location != NSNotFound)
name = [NSString stringWithFormat: @"unsafe-%@", name];
}
else if ([name isEqualToString: @"rel"])
{
skipAttribute = YES;
}
else if ([name hasPrefix: @"on"])
{
// on Events