Opened 13 years ago

Closed 13 years ago

#456 closed defect (duplicate)

html message image not blocked

Reported by: dmorton Owned by: dmorton
Priority: normal Milestone: 1.0.3
Component: PHP scripts Version: 1.0.2
Severity: major Keywords:
Cc:

Description

A message slipped through the image masking:

<td
background="http://example.com/announce_1.gif"
valign=center height=57>

More html cleanup is need to block that image.

Change History (2)

comment:1 Changed 13 years ago by anonymous

Maybe we should look into http://htmlpurifier.org/comparison.html

comment:2 Changed 13 years ago by rjl

  • Resolution set to duplicate
  • Status changed from new to closed

This is effectively a duplicate of #26, namely the need for better HTML

sanitization in the mail viewer. The link to HTML Purifier has been added to that ticket.

Note: See TracTickets for help on using tickets.