
Fix so templating system does not mess with external (e.g. email) con…
…tent (#5499)
alecpl committed Nov 7, 2016
1 parent c3e7d93 commit d02e6ea
Showing 2 changed files with 44 additions and 11 deletions.
1 change: 1 addition & 0 deletions CHANGELOG
Expand Up @@ -57,6 +57,7 @@ CHANGELOG Roundcube Webmail
- Managesieve: Unhide advanced rule controls if there are inputs with errors
- Managesieve: Display warning message when filter form contains errors
- Control search engine crawlers via X-Robots-Tag header instead of <meta> and robots.txt (#5098)
- Fix so templating system does not mess with external (e.g. email) content (#5499)
- Fix redundant keep-alive/refresh after session error on compose page (#5500)
- Fix flickering of header topline in min-mode (#5426)
- Fix bug where folders list would scroll to top when clicking on subscription checkbox (#5447)
54 changes: 43 additions & 11 deletions program/include/rcmail_output_html.php
Expand Up @@ -31,6 +31,7 @@ class rcmail_output_html extends rcmail_output

protected $message;
protected $template_name;
protected $objects = array();
protected $js_env = array();
protected $js_labels = array();
protected $js_commands = array();
Expand Down Expand Up @@ -638,15 +639,11 @@ function parse($name = 'main', $exit = true, $write = true)
$output = $hook['content'];
unset($hook['content']);

// make sure all <form> tags have a valid request token
$output = preg_replace_callback('/<form\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $output);
$this->footer = preg_replace_callback('/<form\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $this->footer);

// remove plugin skin paths from current context
$this->skin_paths = array_slice($this->skin_paths, count($plugin_skin_paths));

if (!$write) {
return $output;
return $this->postrender($output);
}

$this->write(trim($output));
Expand Down Expand Up @@ -888,6 +885,7 @@ public function just_parse($input)
{
$input = $this->parse_conditions($input);
$input = $this->parse_xml($input);
$input = $this->postrender($input);

return $input;
}
Expand Down Expand Up @@ -970,7 +968,7 @@ protected function alter_form_tag($matches)
*
* @return mixed Expression result
*/
protected function eval_expression ($expression)
protected function eval_expression($expression)
{
$expression = preg_replace(
array(
Expand Down Expand Up @@ -1012,13 +1010,18 @@ protected function eval_expression ($expression)
* with the appropriate content
*
* @param string $input Input string to parse
* @param bool $reset Reset stored objects
*
* @return string Altered input string
* @todo Use DOM-parser to traverse template HTML
* @todo Maybe a cache.
*/
protected function parse_xml($input)
protected function parse_xml($input, $reset = true)
{
if ($reset) {
$this->objects = array();
}

return preg_replace_callback('/<roundcube:([-_a-z]+)\s+((?:[^>]|\\\\>)+)(?<!\\\\)>/Ui', array($this, 'xml_command'), $input);
}

Expand Down Expand Up @@ -1118,7 +1121,7 @@ protected function xml_command($matches)
$incl = file_get_contents($path);
}
$incl = $this->parse_conditions($incl);
$incl = $this->parse_xml($incl);
$incl = $this->parse_xml($incl, false);
$incl = $this->fix_paths($incl);
$this->base_path = $old_base_path;
return $incl;
Expand All @@ -1141,14 +1144,15 @@ protected function xml_command($matches)

// return code for a specific application object
case 'object':
$object = strtolower($attrib['name']);
$object = strtolower($attrib['name']);
$content = '';

// we are calling a class/method
if (($handler = $this->object_handlers[$object]) && is_array($handler)) {
if ((is_object($handler[0]) && method_exists($handler[0], $handler[1])) ||
(is_string($handler[0]) && class_exists($handler[0])))
$content = call_user_func($handler, $attrib);
$content = call_user_func($handler, $attrib);
$external = true;
}
// execute object handler function
else if (function_exists($handler)) {
Expand Down Expand Up @@ -1211,6 +1215,13 @@ protected function xml_command($matches)

// exec plugin hooks for this template object
$hook = $this->app->plugins->exec_hook("template_object_$object", $attrib + array('content' => $content));

if (strlen($hook['content']) && !empty($external)) {
$object_id = uniqid('TEMPLOBJECT:', true);
$this->objects[$object_id] = $hook['content'];
$hook['content'] = $object_id;
}

return $hook['content'];

// return code for a specified eval expression
Expand Down Expand Up @@ -1276,6 +1287,25 @@ protected function include_php($file)
return $out;
}

/**
* Put objects' content back into template output
*/
protected function postrender($output)
{
// insert objects' contents
foreach ($this->objects as $key => $val) {
$output = str_replace($key, $val, $output);
}

// reset objects
$this->objects = array();

// make sure all <form> tags have a valid request token
$output = preg_replace_callback('/<form\s+([^>]+)>/Ui', array($this, 'alter_form_tag'), $output);

return $output;
}

/**
* Create and register a button
*
Expand Down Expand Up @@ -1540,7 +1570,7 @@ public function add_footer($str)
* @param string $templ HTML template
* @param string $base_path Base for absolute paths
*/
public function _write($templ = '', $base_path = '')
protected function _write($templ = '', $base_path = '')
{
$output = trim($templ);

Expand Down Expand Up @@ -1664,6 +1694,8 @@ public function _write($templ = '', $base_path = '')
$output = $this->fix_assets_paths($output);
}

$output = $this->postrender($output);

// trigger hook with final HTML content to be sent
$hook = $this->app->plugins->exec_hook("send_page", array('content' => $output));
if (!$hook['abort']) {
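Review bot: `postrender()` re-inserts each stored object with `str_replace($key, $val, $output)` over the whole output, so content already substituted in an earlier iteration — including external content such as a message body — is scanned again for the remaining `TEMPLOBJECT:` ids, and those ids come from `uniqid()`, which is time-derived rather than random. The exposure looks low because the id is only minted after the handler content exists, but a single-pass `strtr($output, $this->objects)` together with a CSPRNG-derived id (e.g. `bin2hex(random_bytes(8))` where available) would remove both the ordering dependence and the predictability. The docblock above `postrender()` also lacks parameter and return documentation; I'd add `* @param string $output Rendered template output containing object placeholders` and `* @return string Output with objects' content restored and <form> tags tokenized`. Separately, `$external = true` is set only in the `is_array($handler)` branch of `xml_command()`; the `function_exists($handler)` branch that follows continues outside the hunk, so please confirm it sets the flag as well, otherwise content returned by function handlers still goes through the later output processing (e.g. `fix_paths()`, `fix_assets_paths()`) that the placeholder is meant to shield external content from.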
