fix(mail(js)): ban all "on*" events attributes from HTML tags

Alinto · Nov 8, 2021 · a5c315f · a5c315f
1 parent d43b28c
commit a5c315f
Showing 1 changed file with 2 additions and 54 deletions.
diff --git a/UI/MailPartViewers/UIxMailPartHTMLViewer.m b/UI/MailPartViewers/UIxMailPartHTMLViewer.m
@@ -534,61 +534,9 @@ - (void) startElement: (NSString *) _localName
                   if ([value rangeOfString: @"url" options: NSCaseInsensitiveSearch].location != NSNotFound)
                     name = [NSString stringWithFormat: @"unsafe-%@", name];
                 }
-	      else if (
-		       // Mouse Events
-		       [name isEqualToString: @"onclick"] ||
-		       [name isEqualToString: @"ondblclick"] ||
-		       [name isEqualToString: @"onmousedown"] ||
-		       [name isEqualToString: @"onmousemove"] ||
-		       [name isEqualToString: @"onmouseout"] ||
-		       [name isEqualToString: @"onmouseup"] ||
-		       [name isEqualToString: @"onmouseover"] ||
-                       [name isEqualToString: @"onpointerrawupdate"] ||
-
-		       // Keyboard Events
-		       [name isEqualToString: @"onkeydown"] ||
-		       [name isEqualToString: @"onkeypress"] ||
-		       [name isEqualToString: @"onkeyup"] ||
-
-		       // Frame/Object Events
-		       [name isEqualToString: @"onabort"] ||
-		       [name isEqualToString: @"onerror"] ||
-		       [name isEqualToString: @"onload"] ||
-		       [name isEqualToString: @"onresize"] ||
-		       [name isEqualToString: @"onscroll"]  ||
-		       [name isEqualToString: @"onunload"] ||
-
-		       // Form Events
-		       [name isEqualToString: @"onblur"] ||
-		       [name isEqualToString: @"onchange"] ||
-		       [name isEqualToString: @"onfocus"] ||
-		       [name isEqualToString: @"onreset"] ||
-		       [name isEqualToString: @"onselect"] ||
-		       [name isEqualToString: @"onsubmit"] ||
-
-                       // Media Events
-                       [name isEqualToString: @"oncanplay"] ||
-                       [name isEqualToString: @"oncanplaythrough"] ||
-                       [name isEqualToString: @"oncuechange"] ||
-                       [name isEqualToString: @"ondurationchange"] ||
-                       [name isEqualToString: @"onemptied"] ||
-                       [name isEqualToString: @"onended"] ||
-                       [name isEqualToString: @"onloadeddata"] ||
-                       [name isEqualToString: @"onloadedmetadata"] ||
-                       [name isEqualToString: @"onloadstart"] ||
-                       [name isEqualToString: @"onpause"] ||
-                       [name isEqualToString: @"onplay"] ||
-                       [name isEqualToString: @"onplaying"] ||
-                       [name isEqualToString: @"onprogress"] ||
-                       [name isEqualToString: @"onratechange"] ||
-                       [name isEqualToString: @"onseeked"] ||
-                       [name isEqualToString: @"onseeking"] ||
-                       [name isEqualToString: @"onstalled"] ||
-                       [name isEqualToString: @"onsuspend"] ||
-                       [name isEqualToString: @"ontimeupdate"] ||
-                       [name isEqualToString: @"onvolumechange"] ||
-                       [name isEqualToString: @"onwaiting"])
+	      else if ([name hasPrefix: @"on"])
 		{
+                  // on Events
 		  skipAttribute = YES;
 		}
               else