* bytes). If exceeded, the user will only be able to download the part.
* Set to 0 to disable this check. */
'limit_inline_size' => 1048576,
- /* Run 'tidy' on all HTML output? This requires at least version 2.0 of the
- * PECL 'tidy' extension to be installed on your system. */
- 'tidy' => false,
/* Check for phishing exploits? */
'phishing_check' => true
);
See http://www.php.net/openssl for information on compiling OpenSSL
into PHP.
- b. tidy ``--with-tidy``
-
- The tidy PHP extension is required if you want IMP to sanitize the
- output of HTML messages before displaying to the user and if you want
- to clean and repair outgoing HTML messages composed via the HTML
- composition mode. See ``imp/config/mime_drivers.php.dist`` for
- further instructions on how to enable this feature.
-
3. The following PEAR modules:
(See `horde/docs/INSTALL`_ for instructions on installing PEAR modules)
$htmlBody->setCharset($charset);
$htmlBody->setDisposition('inline');
$htmlBody->setDescription(Horde_String::convertCharset(_("HTML Version of Message"), $nls_charset, $charset));
-
- /* Run tidy on the HTML, if available. */
- if ($tidy_config = IMP::getTidyConfig(strlen($body_html))) {
- $tidy = tidy_parse_string(Horde_String::convertCharset($body_html, $charset, 'UTF-8'), $tidy_config, 'utf8');
- $tidy->cleanRepair();
- $htmlBody->setContents(Horde_String::convertCharset(tidy_get_output($tidy), 'UTF-8', $charset));
- } else {
- $htmlBody->setContents($body_html);
- }
+ $htmlBody->setContents(Horde_Text_Filter::filter($msg, 'cleanhtml', array('charset' => $charset)));
$textBody->setDescription(Horde_String::convertCharset(_("Plaintext Version of Message"), $nls_charset, $charset));
}
}
- /* Run tidy on the HTML. */
- if (($mode == 'html)' &&
- ($tidy_config = IMP::getTidyConfig($part->getBytes())))) {
- $tidy_config['show-body-only'] = true;
- $tidy = tidy_parse_string(Horde_String::convertCharset($msg, $charset, 'UTF-8'), $tidy_config, 'UTF8');
- $tidy->cleanRepair();
- $msg = Horde_String::convertCharset(tidy_get_output($tidy), 'UTF-8', $charset);
- }
-
if ($mode == 'html') {
- $msg = Horde_Text_Filter::filter($msg, 'xss', array('body_only' => true, 'strip_styles' => true, 'strip_style_attributes' => false));
+ $msg = Horde_Text_Filter::filter($msg, array('cleanhtml', 'xss'), array(array('body_only' => true, 'charset' => $charset), array('body_only' => true, 'strip_styles' => true, 'strip_style_attributes' => false)));
} elseif ($type == 'text/html') {
$msg = Horde_Text_Filter::filter($msg, 'html2text', array('charset' => $charset));
$type = 'text/plain';
}
/**
- * Determines if the tidy extension is available and is the correct
- * version. Returns the config array.
- *
- * @param integer $size Size of the HTML data, in bytes.
- *
- * @return mixed The config array, or false if tidy is not available.
- */
- static public function getTidyConfig($size)
- {
- if (!Horde_Util::extensionExists('tidy') ||
- function_exists('tidy_load_config') &&
- ($size > 250000)) {
- return false;
- }
-
- return array(
- 'wrap' => 0,
- 'indent' => true,
- 'indent-spaces' => 4,
- 'tab-size' => 4,
- 'output-xhtml' => true,
- 'enclose-block-text' => true,
- 'hide-comments' => true,
- 'numeric-entities' => true
- );
- }
-
- /**
* Outputs the necessary script tags, honoring local configuration
* choices as to script caching.
*/
$msg_charset = $charset;
}
- /* Run tidy on the HTML. */
- if ($this->getConfigParam('tidy') &&
- ($tidy_config = IMP::getTidyConfig(Horde_String::length($data)))) {
- if ($msg_charset == 'us-ascii') {
- $tidy = tidy_parse_string($data, $tidy_config, 'ascii');
- $tidy->cleanRepair();
- $data = tidy_get_output($tidy);
- } else {
- $tidy = tidy_parse_string(Horde_String::convertCharset($data, $msg_charset, 'UTF-8'), $tidy_config, 'utf8');
- $tidy->cleanRepair();
- $data = Horde_String::convertCharset(tidy_get_output($tidy), 'UTF-8', $msg_charset);
- }
- }
-
/* Sanitize the HTML. */
$cleanhtml = $this->_cleanHTML($data, $inline);
$data = $cleanhtml['html'];
'descrip' => 'OpenSSL Support',
'error' => 'The openssl module is required to use S/MIME in IMP. Compile PHP with <code>--with-openssl</code> to activate.',
'fatal' => false
- ),
- 'tidy' => array(
- 'descrip' => 'Tidy support',
- 'error' => 'If the tidy PHP extension is available, IMP can use it to sanitize the output of HTML messages before displaying to the user, and to clean outgoing HTML messages created in the HTML composition mode. See <code>imp/docs/INSTALL</code> for more information.',
- 'fatal' => false,
)
);
projects / horde.git / commitdiff