Skip to content

Commit

Permalink
fix(mail(css)): improve CSS sanitization of at-rules
Browse files Browse the repository at this point in the history 
Fixes #5387
  • Loading branch information
@cgx
cgx committed Sep 8, 2021
1 parent b86852a commit e714a3f
Showing 1 changed file with 39 additions and 37 deletions.
76 changes: 39 additions & 37 deletions UI/MailPartViewers/UIxMailPartHTMLViewer.m
View file
Expand Up @@ -113,7 +113,7 @@ @interface _UIxHTMLMailContentHandler : NSObject <SaxContentHandler, SaxLexicalH
NSMutableString *result;
NSMutableString *css;
NSDictionary *attachmentIds;
int ignoredContent;
int ignoredContent, embeddedCSSLevel;
NSString *ignoreTag;
BOOL inBody;
BOOL inStyle;
Expand Down Expand Up @@ -210,6 +210,7 @@ - (void) startDocument
inStyle = NO;
inCSSDeclaration = NO;
hasEmbeddedCSS = NO;
embeddedCSSLevel = 0;
}

- (void) endDocument
Expand Down Expand Up @@ -347,21 +348,12 @@ - (void) _appendStyle: (unichar *) _chars
{
if (*currentChar == '}')
{
// Prefix CSS rule including ending curly bracket
inCSSDeclaration = NO;
if (hasEmbeddedCSS)
{
// End of at-rule definition; remove it from the stylesheet
hasEmbeddedCSS = NO;
start = currentChar + 1;
}
else
{
// Prefix CSS rule including ending curly bracket
length = (currentChar - start) + 1;
[declaration appendString: [NSString stringWithCharacters: start length: length]];
[css appendString: declaration];
start = currentChar + 1;
}
length = (currentChar - start) + 1;
[declaration appendString: [NSString stringWithCharacters: start length: length]];
[css appendString: declaration];
start = currentChar + 1;
}
else if (*currentChar == ';')
{
Expand Down Expand Up @@ -389,53 +381,63 @@ - (void) _appendStyle: (unichar *) _chars
{
if (*currentChar == '{')
{
// Start of rule declaration
inCSSDeclaration = YES;
if (!hasEmbeddedCSS)
if (hasEmbeddedCSS)
{
embeddedCSSLevel++;
}
else
{
// Start of rule declaration
inCSSDeclaration = YES;
length = (currentChar - start);
[rule appendFormat: @".SOGoHTMLMail-CSS-Delimiter %@ {",
[NSString stringWithCharacters: start length: length]];
[css appendString: rule];
rule = [NSMutableString string];
declaration = [NSMutableString string];
}
rule = [NSMutableString string];
declaration = [NSMutableString string];
start = currentChar + 1;
}
if (*currentChar == '}')
{
// CSS syntax error: ending declaration character while not in a CSS declaration.
// Ignore eveything from last CSS declaration.
start = currentChar + 1;
rule = [NSMutableString string];
}
else if (hasEmbeddedCSS)
{
if (*currentChar == ';')
if (hasEmbeddedCSS)
{
// End of at-rule definition; remove it from the stylesheet
hasEmbeddedCSS = NO;
start = currentChar + 1;
embeddedCSSLevel--;
if (embeddedCSSLevel <= 0)
hasEmbeddedCSS = NO;
}
else
{
// CSS syntax error: ending declaration character while not in a CSS declaration.
// Ignore eveything from last CSS declaration.
rule = [NSMutableString string];
}
start = currentChar + 1;
}
else if (*currentChar == ',')
{
// Prefix CSS selector
length = (currentChar - start);
[rule appendFormat: @" .SOGoHTMLMail-CSS-Delimiter %@,",
[NSString stringWithCharacters: start length: length]];
if (!hasEmbeddedCSS)
{
// Prefix CSS selector
length = (currentChar - start);
[rule appendFormat: @" .SOGoHTMLMail-CSS-Delimiter %@,",
[NSString stringWithCharacters: start length: length]];
}
start = currentChar + 1;
}
else if (*currentChar == '@')
{
// Start of at-rule definition
hasEmbeddedCSS = YES;
embeddedCSSLevel = 0;
}
}
}
if (currentChar > start)
[css appendString: [NSString stringWithCharacters: start
length: (currentChar - start)]];
{
[css appendString: [NSString stringWithCharacters: start
length: (currentChar - start)]];
}
}

- (void) startElement: (NSString *) _localName
Expand Down

0 comments on commit e714a3f

Please sign in to comment.