[SM-CVS] CVS: squirrelmail/functions mime.php,1.365,1.366

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Update of /cvsroot/squirrelmail/squirrelmail/functions
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv23286

Modified Files:
	mime.php 
Log Message:
also need to get u\rl outside of style blocks;
do not try to correct them since they are obviously malicious


Index: mime.php
===================================================================
RCS file: /cvsroot/squirrelmail/squirrelmail/functions/mime.php,v
retrieving revision 1.365
retrieving revision 1.366
diff -u -w -r1.365 -r1.366

--- mime.php	23 Feb 2006 13:10:58 -0000	1.365
+++ mime.php	23 Feb 2006 13:50:08 -0000	1.366
@@ -2164,6 +2164,7 @@
                     "/behaviou*r/i",
                     "/include-source/i",
                     "/position\s*:\s*absolute/i",
+                    "/(\\\\)?u(\\\\)?r(\\\\)?l(\\\\)?/i",
                     "/url\s*\(\s*([\'\"])\s*\S+script\s*:.*([\'\"])\s*\)/si",
                     "/url\s*\(\s*([\'\"])\s*mocha\s*:.*([\'\"])\s*\)/si",
                     "/url\s*\(\s*([\'\"])\s*about\s*:.*([\'\"])\s*\)/si",
@@ -2176,6 +2177,7 @@
                     "idiocy",
                     "idiocy",
                     "",
+                    "idiocy",
                     "url(\\1#\\1)",
                     "url(\\1#\\1)",
                     "url(\\1#\\1)",



