From b3f541b87e69dd30f89df1bfb0ef1a2a36e3f3e3 Mon Sep 17 00:00:00 2001
From: Francis Lachapelle
Date: Mon, 5 Jun 2017 15:14:48 -0400
Subject: [PATCH] Sanitize whitelisted attributes of HTML tags
---
 UI/MailPartViewers/UIxMailPartHTMLViewer.m | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/UI/MailPartViewers/UIxMailPartHTMLViewer.m b/UI/MailPartViewers/UIxMailPartHTMLViewer.m
index bd7224829..2a62e8773 100644
--- a/UI/MailPartViewers/UIxMailPartHTMLViewer.m
+++ b/UI/MailPartViewers/UIxMailPartHTMLViewer.m
@@ -686,8 +686,7 @@ static NSData* _sanitizeContent(NSData *theData)
 if (!skipAttribute)
 [resultPart appendFormat: @" %@=\"%@\"",
- name, [value stringByReplacingString: @"\""
- withString: @"\\\""]];
+ name, [value safeStringByEscapingXMLString: NO]];
 }
 if ([VoidTags containsObject: lowerName])
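Review bot: The new call `[value safeStringByEscapingXMLString: NO]` is now the only thing keeping sender-controlled attribute text inside its double-quoted attribute, yet nothing at the call site says what the helper escapes or what the `NO` argument selects. The helper is defined outside this hunk, so confirm that in this mode it encodes `"` as well as `&` and `<`, and record the requirement above the `appendFormat:` call, e.g. `/* value is untrusted mail content written inside a double-quoted attribute: entity-escape it; a backslash before a quote is not an escape in HTML */`. `name` is still written verbatim, which holds only if the whitelist test that presumably sets `skipAttribute` (outside the hunk) has already constrained it. The enclosing code starts and ends outside the hunk, and the diffstat shows no test file touched, so a case with a `"` inside a whitelisted attribute value would pin the behaviour.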