Roundcube Community Forum

 

[BUG] Tiny Idiocy

Started by mafro, March 19, 2008, 10:52:27 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

mafro

March 19, 2008, 10:52:27 AM
When browsing my email, I get all "tinyurl.com" hrefs dynamically replaced with "tinyidiocy.com".

I believe the offending code to be the third line here - in file "program/steps/mail/func.inc":

Code Select
/* Rename dangerous CSS */
$newvalue = preg_replace('/expression/i', 'idiocy', $newvalue);
$newvalue = preg_replace('/url/i', 'idiocy', $newvalue);
This is the only occurance of the string "idiocy" in all the source.

Roundcube is great- ive been a user since one of the first betas appeared. First time finding a real bug.. Keep up the good work.
mafro

edit: Forgot to mention the filename.. Doh.

libral73

#1
March 15, 2015, 06:30:45 AM
dear
after many years ( the post by Manfro was dated 2008), I see that this bug is still there.
Today, trying to connect to connect to tinyurl from my roundcube I was instead sent to tinyidiocy.
It is just because I was sure the sender was respectable, that I discovered the bug, because at first it seems a simple spam.
I strongly suggest RoundCube to correct this annoying simple bug

best
Simone

alec

#2
March 15, 2015, 09:34:17 AM
There's no such code in Rundcube vanila package. So, don't blame Roundcube.
Print
Go Up Pages1
User actions