From c6dbb88dc161c820518c118f0a2cb7544c4ac993 Mon Sep 17 00:00:00 2001
From: Francis Lachapelle
Date: Tue, 22 Aug 2017 10:02:28 -0400
Subject: [PATCH] Simplify sanitization of accepted HTML attributes

This will avoid converting & to an HTML entity.
---
 UI/MailPartViewers/UIxMailPartHTMLViewer.m | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/UI/MailPartViewers/UIxMailPartHTMLViewer.m b/UI/MailPartViewers/UIxMailPartHTMLViewer.m
index 2a62e8773..5ec3af6a9 100644
--- a/UI/MailPartViewers/UIxMailPartHTMLViewer.m
+++ b/UI/MailPartViewers/UIxMailPartHTMLViewer.m
@@ -686,7 +686,8 @@ static NSData* _sanitizeContent(NSData *theData)
 if (!skipAttribute)
 [resultPart appendFormat: @" %@=\"%@\"",
- name, [value safeStringByEscapingXMLString: NO]];
+ name, [value stringByReplacingString: @"\""
+ withString: @""]];
 }
 if ([VoidTags containsObject: lowerName])
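Review bot: The new argument to `appendFormat:` strips only `"` from `value`, so `&`, `<` and `>` now reach the output unescaped, and any entity reference still present in `value` is decoded a second time by the browser. If the attribute checks earlier in `_sanitizeContent` (outside this hunk, which shows neither the start nor the end of the function) inspect `value` before that second decoding, the sanitizer and the browser can disagree about what the attribute contains, which matters most for URL-bearing attributes. It is worth confirming that those checks run on a fully decoded value, or escaping `&` whenever it begins an entity reference. Deleting the quote also silently alters legitimate values such as a `title` containing quotation marks; `[value stringByReplacingString: @"\"" withString: @"&quot;"]` keeps the character and still cannot close the attribute. A comment such as `// value is written inside double quotes: '"' must never appear raw; '&' is left as-is so URLs are not rewritten` would record why the full XML escaping was dropped.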