From b3ae159c2ecdf4b3bea443317b5e64e5c48ba257 Mon Sep 17 00:00:00 2001
From: Martin Edenhofer
Date: Thu, 13 Apr 2017 14:55:37 +0200
Subject: [PATCH] Fixed issue #952 - External links in html emails will be open
in local context.
---
lib/html_sanitizer.rb | 4 ++++
test/unit/aaa_string_test.rb | 9 +++++++++
test/unit/email_parser_test.rb | 4 ++--
3 files changed, 15 insertions(+), 2 deletions(-)
diff --git a/lib/html_sanitizer.rb b/lib/html_sanitizer.rb
index ae37b9a2b..65bcccff4 100644
--- a/lib/html_sanitizer.rb
+++ b/lib/html_sanitizer.rb
@@ -132,6 +132,10 @@ satinize html string based on whiltelist
# prepare links
if node['href']
href = cleanup_target(node['href'])
+ if external && !href.downcase.start_with?('//') && href.downcase !~ %r{^.{1,6}://.+?}
+ node['href'] = "http://#{node['href']}"
+ href = node['href']
+ end
next if !href.downcase.start_with?('http', 'ftp', '//')
node.set_attribute('href', href)
node.set_attribute('rel', 'nofollow')
diff --git a/test/unit/aaa_string_test.rb b/test/unit/aaa_string_test.rb
index 8641ffd59..eb34a3dcd 100644
--- a/test/unit/aaa_string_test.rb
+++ b/test/unit/aaa_string_test.rb
@@ -663,6 +663,15 @@ Men-----------------------'
result = "http://facebook.de/examplesrbog"
assert_equal(result, html.html2html_strict)
+ html = "web
+www.example.de"
+ result = "web www.example.de"
+ assert_equal(result, html.html2html_strict)
+
+ html = "web www.example.de"
+ result = "web www.example.de"
+ assert_equal(result, html.html2html_strict)
+
html = "Damit Sie keinen Tag versäumen, empfehlen wir Ihnen den Link des Adventkalenders in
Ihrer Lesezeichen-Symbolleiste zu ergänzen.
"
result = "Damit Sie keinen Tag versäumen, empfehlen wir Ihnen den Link des Adventkalenders (
http://newsletters.cylex.de/) in
Ihrer Lesezeichen-Symbolleiste zu ergänzen.
"
assert_equal(result, html.html2html_strict)
diff --git a/test/unit/email_parser_test.rb b/test/unit/email_parser_test.rb
index 1864caa97..5eafbdd64 100644
--- a/test/unit/email_parser_test.rb
+++ b/test/unit/email_parser_test.rb
@@ -244,7 +244,7 @@ Managing Director: Martin Edenhofer
},
{
data: IO.binread('test/fixtures/mail8.box'),
- body_md5: '630aa1cc84fcaee8a0f232908c454c5f',
+ body_md5: 'ec01ac06deb1997b09b0afbbe49e316f',
attachments: [
{
md5: 'c3ca4aab222eed8a148a716371b70129',
@@ -281,7 +281,7 @@ Düsseldorfer Landstraße 395
D-00000 Hof
-
http://www.example.com
+
http://www.example.com
Geschäftsführung/Management Board: Jan Bauer (Vorsitzender/Chairman), Oliver Bauer, Heiko Bauer, Boudewijn Bauer