When browsing my email, I get all "tinyurl.com" hrefs dynamically replaced with "tinyidiocy.com".
I believe the offending code to be the third line here - in file "program/steps/mail/func.inc":
/* Rename dangerous CSS */
$newvalue = preg_replace('/expression/i', 'idiocy', $newvalue);
$newvalue = preg_replace('/url/i', 'idiocy', $newvalue);
This is the only occurance of the string "idiocy" in all the source.
Roundcube is great- ive been a user since one of the first betas appeared. First time finding a real bug.. Keep up the good work.
mafro
edit: Forgot to mention the filename.. Doh.
dear
after many years ( the post by Manfro was dated 2008), I see that this bug is still there.
Today, trying to connect to connect to tinyurl from my roundcube I was instead sent to tinyidiocy.
It is just because I was sure the sender was respectable, that I discovered the bug, because at first it seems a simple spam.
I strongly suggest RoundCube to correct this annoying simple bug
best
Simone
There's no such code in Rundcube vanila package. So, don't blame Roundcube.