Ticket #410 (closed defect: fixed)

Opened 11 years ago

Last modified 9 years ago

Removal of malicious code in e-mail

Reported by: amuller Owned by: amuller
Priority: grave Milestone:
Component: ExpressoMail Version: 1.0
Severity: Keywords: malicious forbidden-tag code security
Cc: WorkGroup:

Description

The user may want to put code with malicious tags in an expressoMail e-mail.

Ideally, all the tag handlers such as onclick and onkeypress should be stripped out.

Change History

comment:1 follow-up: ↓ 2 Changed 11 years ago by amuller

  • Status changed from new to assigned

Anyone who wants to use the fix before this ticket is closed only needs to add the following at line 754 of class.imap_functions.php:

  // Malicious Code Remove
  $dirtyCodePattern = "/(<([\w]+)([^>]*)on(mouse(move|over|down|up)|load|blur|change|click|dblclick|focus|key(down|up|press)|select)=\"[^>\"]*\"([^>]*)>)(.*)(<\/\\2>)?/isU";
  preg_match_all($dirtyCodePattern,$body,$rest,PREG_PATTERN_ORDER);
  foreach($rest[0] as $i => $val)
      $body = str_replace($rest[1][$i],"<".$rest[2][$i].$rest[3][$i].$rest[7][$i].">",$body);

comment:2 in reply to: ↑ 1 Changed 11 years ago by amuller

Replying to amuller:

Anyone who wants to use the fix before this ticket is closed only needs to add the following at line 754 of class.imap_functions.php:

 // Malicious Code Remove
 // Group 1 is the whole opening tag, 2 the tag name, 3 the attributes before the
 // on* handler and 7 the attributes after it; the handler attribute is dropped.
 $dirtyCodePattern = "/(<([\w]+)([^>]*)on(mouse(move|over|down|up)|load|blur|change|click|dblclick|focus|key(down|up|press)|select)=\"[^>\"]*\"([^>]*)>)(.*)(<\/\\2>)?/isU";
 preg_match_all($dirtyCodePattern,$body,$rest,PREG_PATTERN_ORDER);
 foreach($rest[0] as $i => $val)
     $body = str_replace($rest[1][$i],"<".$rest[2][$i].$rest[3][$i].$rest[7][$i].">",$body);
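As an added example (not ExpressoMail code and not part of the original ticket), the script below wraps the exact pattern from the comment above in a function, runs it over a few constructed HTML fragments, and runs a stricter variant beside it. The pattern above only matches a handler whose value is double-quoted with no space around `=`, and only the event names it lists, so a single-quoted, unquoted or space-separated value, a `/` instead of whitespace before the attribute, or an unlisted name such as onerror passes through untouched. The function names, the stricter regex and the sample strings are this example's own assumptions.

```php
<?php
// Added example (not ExpressoMail code): the filter from ticket #410 beside a
// stricter regex, both run over constructed HTML fragments.

// The pattern from the comment above, unchanged, wrapped in a function.
function stripHandlersTicket410(string $body): string
{
    $dirtyCodePattern = "/(<([\w]+)([^>]*)on(mouse(move|over|down|up)|load|blur|change|click|dblclick|focus|key(down|up|press)|select)=\"[^>\"]*\"([^>]*)>)(.*)(<\/\\2>)?/isU";
    preg_match_all($dirtyCodePattern, $body, $rest, PREG_PATTERN_ORDER);
    foreach ($rest[0] as $i => $val) {
        // Rebuild the opening tag from group 2 (tag name), 3 (attributes before
        // the handler) and 7 (attributes after it); the handler itself is dropped.
        $body = str_replace($rest[1][$i], "<" . $rest[2][$i] . $rest[3][$i] . $rest[7][$i] . ">", $body);
    }
    return $body;
}

// Hypothetical stricter variant (this example's own): removes any on* attribute
// inside a tag, whether its value is double-quoted, single-quoted or unquoted,
// with or without spaces around '=', and whether it follows whitespace or '/'.
// Still a regex over tag text, not an HTML parser (see the note below).
function stripHandlersAll(string $body): string
{
    $pattern = '/(<[a-z][^>]*?)[\s\/]+on[a-z]+\s*=\s*(?:"[^"]*"|\'[^\']*\'|[^\s>]+)/i';
    do {
        // One pass removes one handler per tag; repeat until nothing changes so
        // that a tag carrying several handlers is fully cleaned.
        $body = preg_replace($pattern, '$1', $body, -1, $count);
    } while ($count > 0);
    return $body;
}

// Constructed inputs for this example; none is taken from a real message.
$samples = [
    'double-quoted' => '<div onclick="alert(1)">x</div>',
    'single-quoted' => "<div onclick='alert(1)'>x</div>",
    'unquoted'      => '<img src=x onerror=alert(1)>',
    'onerror'       => '<img src=x onerror="alert(1)">',
    'spaces'        => '<div onclick = "alert(1)">x</div>',
    'slash'         => '<svg/onload=alert(1)>',
];

foreach ($samples as $name => $html) {
    printf("%-14s ticket: %-32s stricter: %s\n", $name, stripHandlersTicket410($html), stripHandlersAll($html));
}
```

Run it with the php command-line binary; each line prints what the ticket's pattern leaves behind next to what the stricter one leaves. Only the first sample is cleaned by the ticket's pattern, the others survive it. Both functions rewrite tag text with regexes, so an attribute value that itself contains `>` still defeats them, and a value that merely contains the text ` onclick=` is mangled by the stricter one. For mail bodies the robust fix is a parser-based whitelist sanitizer such as HTML Purifier, which keeps only allowed tags and attributes instead of hunting for known-bad ones.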

comment:3 Changed 11 years ago by amuller

2340 in the celepar repository has the solution

comment:4 Changed 11 years ago by amuller

  • Milestone changed from Expresso Mail 1.234 to Expresso Mail 1.233

comment:5 Changed 11 years ago by niltonneto

  • Status changed from assigned to closed
  • Resolution set to fixed

Implemented in [650]

comment:6 Changed 9 years ago by niltonneto

  • Milestone Expresso Mail 1.233 deleted
