<?php |
/** |
* ownCloud |
* |
* @author Thomas Müller |
* @copyright 2014 Thomas Müller [email protected] |
* |
* You should have received a copy of the GNU Affero General Public |
* License along with this library. If not, see <http://www.gnu.org/licenses/>. |
* |
*/ |
namespace OCA\Mail\Service; |
use Closure; |
use HTMLPurifier; |
use HTMLPurifier_Config; |
use HTMLPurifier_HTMLDefinition; |
use HTMLPurifier_URISchemeRegistry; |
use Kwi\UrlLinker; |
use OCA\Mail\Service\HtmlPurify\CidURIScheme; |
use OCA\Mail\Service\HtmlPurify\TransformCSSBackground; |
use OCA\Mail\Service\HtmlPurify\TransformHTMLLinks; |
use OCA\Mail\Service\HtmlPurify\TransformImageSrc; |
use OCA\Mail\Service\HtmlPurify\TransformNoReferrer; |
use OCA\Mail\Service\HtmlPurify\TransformURLScheme; |
use OCP\IRequest; |
use OCP\IURLGenerator; |
use OCP\Util; |
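/**
 * HTML helpers for rendering mail content: link conversion, signature
 * splitting and sanitising of HTML mail bodies through HTMLPurifier.
 *
 * Both purifying entry points share one base configuration (see
 * createPurifierConfig()); they differ only in the URI scheme allow-list and
 * in the attribute/URI transforms they register.
 */
class Html {

    /** @var IURLGenerator */
    private $urlGenerator;

    /** @var IRequest */
    private $request;

    /**
     * @param IURLGenerator $urlGenerator handed to the image/CSS/URL transforms
     * @param IRequest $request handed to the URL scheme transform
     */
    public function __construct(IURLGenerator $urlGenerator, IRequest $request) {
        $this->urlGenerator = $urlGenerator;
        $this->request = $request;
    }

    /**
     * Turn URLs found in $data into links and purify the result.
     *
     * The linker is invoked through linkUrlsInTrustedHtml(), i.e. it treats
     * $data as markup rather than plain text. The output is only safe to
     * render because the HTMLPurifier pass below runs on everything the
     * linker produced; do not return the linker output without it.
     *
     * @param string $data
     * @return string purified HTML
     */
    public function convertLinks($data) {
        // NOTE(review): the two constructor flags are passed positionally as in
        // the original call; confirm their meaning against the UrlLinker
        // version in use.
        $linker = new UrlLinker(true, false);
        $data = $linker->linkUrlsInTrustedHtml($data);

        // allow http, https, ftp and mailto ("cid" is intentionally not in this list)
        $config = $this->createPurifierConfig(['http' => true, 'https' => true, 'ftp' => true, 'mailto' => true]);

        // The variable holds the HTML definition; the annotation documents the
        // type whose info_attr_transform_post property is written below.
        /** @var HTMLPurifier_HTMLDefinition $html */
        $html = $config->getDefinition('HTML');
        $html->info_attr_transform_post['noreferrer'] = new TransformNoReferrer();

        $purifier = new HTMLPurifier($config);

        return $purifier->purify($data);
    }

    /**
     * split off the signature
     *
     * The body is split on the literal byte sequence "-- \r\n"; everything
     * after the last occurrence becomes the signature. The signature is passed
     * through nl2br() only - it is NOT HTML-escaped here.
     * NOTE(review): callers must make sure the input was already sanitised (or
     * escape the returned signature) before it is rendered as HTML.
     *
     * @param string $body
     * @return array [0 => body without signature, 1 => signature or null]
     */
    public function parseMailBody($body) {
        $signature = null;
        $parts = explode("-- \r\n", $body);
        if (count($parts) > 1) {
            $signature = nl2br(array_pop($parts));
            // Re-join earlier delimiter occurrences: only the last one separates the signature
            $body = implode("-- \r\n", $parts);
        }

        return [
            $body,
            $signature
        ];
    }

    /**
     * Sanitise an HTML mail body for display.
     *
     * @param string $mailBody raw HTML taken from the message (untrusted)
     * @param array $messageParameters passed through to TransformURLScheme
     * @param Closure $mapCidToAttachmentId passed through to TransformURLScheme;
     *        presumably resolves a "cid:" reference to an attachment id - confirm
     *        against TransformURLScheme
     * @return string purified HTML
     */
    public function sanitizeHtmlMailBody($mailBody, array $messageParameters, Closure $mapCidToAttachmentId) {
        // allow cid, http, https, ftp and mailto
        $config = $this->createPurifierConfig(['cid' => true, 'http' => true, 'https' => true, 'ftp' => true, 'mailto' => true]);

        // Rewrite URL for redirection and proxying of content
        // The annotation documents the type whose info_attr_transform_post
        // property is written below (static analysis otherwise reports an
        // undefined property access on the generic definition type).
        /** @var HTMLPurifier_HTMLDefinition $html */
        $html = $config->getDefinition('HTML');
        $html->info_attr_transform_post['imagesrc'] = new TransformImageSrc($this->urlGenerator);
        $html->info_attr_transform_post['cssbackground'] = new TransformCSSBackground($this->urlGenerator);
        // NOTE(review): HTML.TargetBlank is enabled here as well, but unlike
        // convertLinks() no TransformNoReferrer is registered; confirm that
        // TransformHTMLLinks takes care of the rel attribute on these links.
        $html->info_attr_transform_post['htmllinks'] = new TransformHTMLLinks();

        $uri = $config->getDefinition('URI');
        $uri->addFilter(new TransformURLScheme($messageParameters, $mapCidToAttachmentId, $this->urlGenerator, $this->request), $config);

        // The scheme registry is obtained through instance(), so this
        // registration is not limited to the config built above. "cid" is
        // still only listed in URI.AllowedSchemes by this method.
        HTMLPurifier_URISchemeRegistry::instance()->register('cid', new CidURIScheme());

        $purifier = new HTMLPurifier($config);

        $result = $purifier->purify($mailBody);
        // eat xml parse errors within HTMLPurifier
        libxml_clear_errors();

        return $result;
    }

    /**
     * Build the HTMLPurifier configuration shared by convertLinks() and
     * sanitizeHtmlMailBody(), so both paths cannot drift apart.
     *
     * All settings are applied before the caller requests a definition from
     * the returned config; keep it that way when adding options.
     *
     * @param array $allowedSchemes value for URI.AllowedSchemes (scheme => true)
     * @return HTMLPurifier_Config
     */
    private function createPurifierConfig(array $allowedSchemes) {
        $config = HTMLPurifier_Config::createDefault();

        // Append target="_blank" to all link (a) elements
        $config->set('HTML.TargetBlank', true);

        // Scheme allow-list and the host name of this server
        $config->set('URI.AllowedSchemes', $allowedSchemes);
        $config->set('URI.Host', Util::getServerHostName());

        // Disable the cache since ownCloud has no really appcache
        // TODO: Fix this - requires https://github.com/owncloud/core/issues/10767 to be fixed
        $config->set('Cache.DefinitionImpl', null);

        return $config;
    }
}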
An attempt at access to an undefined property has been detected. This may either be a typographical error or the property has been renamed but there are still references to its old name.
If you really want to allow access to undefined properties, you can define magic methods to allow access. See the php core documentation on Overloading.