From 18414cd776b8bc1641e1708ab0ebe247d333fda7 Mon Sep 17 00:00:00 2001
From: Jared Hancock <jared@osticket.com>
Date: Mon, 20 Jun 2016 12:09:35 -0500
Subject: [PATCH] html: Fix processing of some <html> tags in email

thanks @robintoy, @talilon

This patch removes any contents of an html element when scrubbing html
markup. Some markup includes complex namespaces and other information which
does not concern the html processing of osTicket. It also messes up the
htmLawed processing of the htmLawed.

Maybe fixes #2465
Maybe fixes #2272
---
 include/class.format.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/include/class.format.php b/include/class.format.php
index d25579051..864bc6456 100644
--- a/include/class.format.php
+++ b/include/class.format.php
@@ -305,8 +305,9 @@ class Format {
                   ':<!\[[^]<]+\]>:',            # <![if !mso]> and friends
                   ':<!DOCTYPE[^>]+>:',          # <!DOCTYPE ... >
                   ':<\?[^>]+>:',                # <?xml version="1.0" ... >
+                  ':<html[^>]+:i',              # drop html attributes
             ),
-            array('', '', '', ''),
+            array('', '', '', '', '<html'),
             $html);
 
         // HtmLawed specific config only
-- 
GitLab