Skip to content

Commit

Permalink
fix(mail): don't lowercase href/action/formaction attribute value
Browse files Browse the repository at this point in the history 
Fixes #5434
  • Loading branch information
@cgx
cgx committed Nov 26, 2021
1 parent d484c2b commit c4bb0de
Showing 1 changed file with 7 additions and 6 deletions.
13 changes: 7 additions & 6 deletions UI/MailPartViewers/UIxMailPartHTMLViewer.m
View file
Expand Up @@ -446,7 +446,7 @@ - (void) startElement: (NSString *) _localName
attributes: (id <SaxAttributes>) _attributes
{
unsigned int count, max;
NSString *name, *value, *cid, *lowerName;
NSString *name, *value, *cid, *lowerName, *lowerValue;
NSMutableString *resultPart;
BOOL skipAttribute;

Expand Down Expand Up @@ -518,11 +518,12 @@ - (void) startElement: (NSString *) _localName
|| [name isEqualToString: @"action"]
|| [name isEqualToString: @"formaction"])
{
value = [[_attributes valueAtIndex: count] lowercaseString];
skipAttribute = ([value rangeOfString: @"://"].location == NSNotFound
&& ![value hasPrefix: @"mailto:"]
&& ![value hasPrefix: @"#"]) ||
[value hasPrefix: @"javascript:"];
value = [_attributes valueAtIndex: count];
lowerValue = [value lowercaseString];
skipAttribute = ([lowerValue rangeOfString: @"://"].location == NSNotFound
&& ![lowerValue hasPrefix: @"mailto:"]
&& ![lowerValue hasPrefix: @"#"]) ||
[lowerValue hasPrefix: @"javascript:"];
if (!skipAttribute)
[resultPart appendString: @" rel=\"noopener\""];
}
Expand Down

0 comments on commit c4bb0de

Please sign in to comment.