Changeset c29b82d in github

Timestamp:

Dec 20, 2011 3:29:28 AM (17 months ago)

Author:

thomascube <thomas@…>

Branches:

master, HEAD, courier-fix, dev-browser-capabilities, pdo, release-0.8

Children:

bab0433

Parents:

1886349

Message:

Fix crashes with eAccelerator (#1488256)

Location:

program

Files:

• include/rcube_content_filter.php (added)
• steps/mail/get.inc (modified) (2 diffs)

program/steps/mail/get.inc

@@ -6 +6 @@
  |                                                                       |
  | This file is part of the Roundcube Webmail client                     |
- | Copyright (C) 2005-2009, The Roundcube Dev Team                       |
+ | Copyright (C) 2005-2011, The Roundcube Dev Team                       |
  | Licensed under the GNU GPL                                            |
  |                                                                       |
@@ -195 +195 @@
 
 
-
-/**
- * PHP stream filter to detect html/javascript code in attachments
- */
-class rcube_content_filter extends php_user_filter
-{
-  private $buffer = '';
-  private $cutoff = 2048;
-
-  function onCreate()
-  {
-    $this->cutoff = rand(2048, 3027);
-    return true;
-  }
-
-  function filter($in, $out, &$consumed, $closing)
-  {
-    while ($bucket = stream_bucket_make_writeable($in)) {
-      $this->buffer .= $bucket->data;
-
-      // check for evil content and abort
-      if (preg_match('/<(script|iframe|object)/i', $this->buffer))
-        return PSFS_ERR_FATAL;
-
-      // keep buffer small enough
-      if (strlen($this->buffer) > 4096)
-        $this->buffer = substr($this->buffer, $this->cutoff);
-
-      $consumed += $bucket->datalen;
-      stream_bucket_append($out, $bucket);
-    }
-
-    return PSFS_PASS_ON;
-  }
-}
-