HTML outside the head or body is too dangerous to include

2026-06-19 10:50:21 +01:00 · 2017-04-19 18:41:09 -07:00
parent eaf63ebc48
commit 77e6bc2a00
1 changed files with 2 additions and 2 deletions
--- a/mailboxes/folders-lib.pl
+++ b/mailboxes/folders-lib.pl
@@ -2287,10 +2287,10 @@ sub safe_html
 {
 local $html = $_[0];
 local $bodystuff;
-if ($html =~ s/^([\000-\377]*?)<BODY([^>]*)>/$1/i) {
+if ($html =~ s/^[\000-\377]*?<BODY([^>]*)>//i) {
 	$bodystuff = $1;
 	}
-$html =~ s/<\/BODY>([\000-\377]*)$/$1/i;
+$html =~ s/<\/BODY>[\000-\377]*$//i;
 $html =~ s/<base[^>]*>//i;
 $html = &filter_javascript($html);
 $html = &safe_urls($html);