james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Manuel Carrasco (JIRA)" <j...@apache.org>
Subject [jira] Updated: (HUPA-52) [patch] fixes dangerous-attributes removal regex
Date Sat, 14 Nov 2009 10:15:39 GMT

     [ https://issues.apache.org/jira/browse/HUPA-52?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Manuel Carrasco updated HUPA-52:
--------------------------------

    Attachment: regex_attrs.patch

> [patch] fixes dangerous-attributes removal regex
> ------------------------------------------------
>
>                 Key: HUPA-52
>                 URL: https://issues.apache.org/jira/browse/HUPA-52
>             Project: JAMES Hupa
>          Issue Type: Bug
>          Components: server
>            Reporter: Manuel Carrasco
>            Assignee: Norman Maurer
>         Attachments: regex_attrs.patch
>
>
> This patch:
> - Modifies the regular expression with removes javascript attributtes (onclick, onmouse..,
etc) in order to avoid undesired javascript execution when an email is displayed, and makes
it recursive.
> - Fixes a case in the mail addresses detection when it is part of a Url
> - Removes ugly debug code

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org


Mime
View raw message