Roundcubemail devel
blame | history | patch | commit | commitdiff | ignore whitespace
alecpl
2011-12-28 a267c6ccd20ea835a398211063b550ef49591b82 
 program/include/rcube_content_filter.php


@@ -23,33 +23,34 @@


 */


class rcube_content_filter extends php_user_filter


{


  private $buffer = '';


  private $cutoff = 2048;


    private $buffer = '';


    private $cutoff = 2048;




  function onCreate()


  {


    $this->cutoff = rand(2048, 3027);


    return true;


  }




  function filter($in, $out, &$consumed, $closing)


  {


    while ($bucket = stream_bucket_make_writeable($in)) {


      $this->buffer .= $bucket->data;




      // check for evil content and abort


      if (preg_match('/<(script|iframe|object)/i', $this->buffer))


        return PSFS_ERR_FATAL;




      // keep buffer small enough


      if (strlen($this->buffer) > 4096)


        $this->buffer = substr($this->buffer, $this->cutoff);




      $consumed += $bucket->datalen;


      stream_bucket_append($out, $bucket);


    function onCreate()


    {


        $this->cutoff = rand(2048, 3027);


        return true;


    }




    return PSFS_PASS_ON;


  }


}


    function filter($in, $out, &$consumed, $closing)


    {


        while ($bucket = stream_bucket_make_writeable($in)) {


            $this->buffer .= $bucket->data;




            // check for evil content and abort


            if (preg_match('/<(script|iframe|object)/i', $this->buffer)) {


                return PSFS_ERR_FATAL;


            }




            // keep buffer small enough


            if (strlen($this->buffer) > 4096) {


                $this->buffer = substr($this->buffer, $this->cutoff);


            }




            $consumed += $bucket->datalen;


            stream_bucket_append($out, $bucket);


        }




        return PSFS_PASS_ON;


    }


}