
fix(mail(js)): ban all "on*" events attributes from HTML tags
cgx committed Apr 4, 2022
1 parent 0f3d7dc commit f38eded
Showing 1 changed file with 2 additions and 34 deletions.
36 changes: 2 additions & 34 deletions UI/MailPartViewers/UIxMailPartHTMLViewer.m
Expand Up @@ -340,7 +340,8 @@ - (void) startElement: (NSString *) _localName
{
skipAttribute = NO;
name = [[_attributes nameAtIndex: count] lowercaseString];
if ([name hasPrefix: @"ON"])
if ([name hasPrefix: @"on"])
// on Events
skipAttribute = YES;
else if ([name isEqualToString: @"src"])
{
Expand Down Expand Up @@ -385,39 +386,6 @@ - (void) startElement: (NSString *) _localName
if ([value rangeOfString: @"url" options: NSCaseInsensitiveSearch].location != NSNotFound)
name = [NSString stringWithFormat: @"unsafe-%@", name];
}
else if (
// Mouse Events
[name isEqualToString: @"onclick"] ||
[name isEqualToString: @"ondblclick"] ||
[name isEqualToString: @"onmousedown"] ||
[name isEqualToString: @"onmousemove"] ||
[name isEqualToString: @"onmouseout"] ||
[name isEqualToString: @"onmouseup"] ||
[name isEqualToString: @"onmouseover"] ||

// Keyboard Events
[name isEqualToString: @"onkeydown"] ||
[name isEqualToString: @"onkeypress"] ||
[name isEqualToString: @"onkeyup"] ||

// Frame/Object Events
[name isEqualToString: @"onabort"] ||
[name isEqualToString: @"onerror"] ||
[name isEqualToString: @"onload"] ||
[name isEqualToString: @"onresize"] ||
[name isEqualToString: @"onscroll"] ||
[name isEqualToString: @"onunload"] ||

// Form Events
[name isEqualToString: @"onblur"] ||
[name isEqualToString: @"onchange"] ||
[name isEqualToString: @"onfocus"] ||
[name isEqualToString: @"onreset"] ||
[name isEqualToString: @"onselect"] ||
[name isEqualToString: @"onsubmit"])
{
skipAttribute = YES;
}
else
value = [_attributes valueAtIndex: count];

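Review bot: The new `if ([name hasPrefix: @"on"])` test is case-sensitive and only blocks mixed-case variants such as `onClick` or `ONLOAD` because `name` was lowercased on the line just above; now that the explicit list below has been removed, nothing in the code records that dependency, so the one-word `// on Events` comment should spell it out, e.g. `// Drop every event-handler attribute (onclick, onerror, onload, ...); name is lowercased above, so this prefix test is effectively case-insensitive.` Since that comment sits between the condition and an unbraced `skipAttribute = YES;`, wrapping the statement as `{ skipAttribute = YES; }` would keep the branch readable and resistant to a later edit adding a second line. Rejecting any on*-named attribute by default, rather than enumerating known handlers, is the safer direction for rendered mail, since the old list at the deleted lines could only ever be incomplete. The enclosing startElement: method begins before the first hunk and continues after the second.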
