extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-10-06 01:52:08 +02:00
Code Issues Packages Projects Releases Wiki Activity

Escape html entities for mailto URI otherwise server wont let them pass through as it may get mistaken for html tag

Browse Source 
- Fix addressbook email action does not work for some emails, eg. Mathias <Mathias@example.com>
This commit is contained in:
Hadi Nategh 2015-12-03 11:07:03 +00:00
parent 91f9bb831b
commit 51a4da3204
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
phpgwapi/js/jsapi/egw_open.js
View File

@ -58,6 +58,13 @@ egw.extend('open', egw.MODULE_WND_LOCAL, function(_egw, _wnd)
var popup;
// Get open compose windows
var compose = egw.getOpenWindows("mail", /(^compose_)||(^mail.compose)/);
// Encode html entities in the URI, otheerwise server XSS protection wont
// allow it to pass, because it may get mistaken for some forbiden tags,
// e.g., "Mathias <mathias@example.com>" the first part of email "<mathias"
// including "<" would get mistaken for <math> tag, and server will cut it off.
uri = uri.replace(/</g,'&lt;').replace(/>/g,'&gt;');
if(compose.length == 0)
{
// No compose windows, might be no mail app.js