diff --git a/zefie_wtvp_minisrv/includes/ServiceVault/wtv-mail/readmail.js b/zefie_wtvp_minisrv/includes/ServiceVault/wtv-mail/readmail.js
index 87b98853..cd464fba 100644
--- a/zefie_wtvp_minisrv/includes/ServiceVault/wtv-mail/readmail.js
+++ b/zefie_wtvp_minisrv/includes/ServiceVault/wtv-mail/readmail.js
@@ -39,7 +39,16 @@ Location: wtv-mail:/listmail`;
 
                 headers = `200 OK
 Content-type: text/html`;
-                var message_colors = session_data.mailstore.getSignatureColors(message.signature);
+
+
+                var message_colors = null;
+
+                if (message.body.indexOf("<body")) {
+                    var default_colors = session_data.mailstore.defaultColors;
+                    var message_colors = session_data.mailstore.getSignatureColors(message.body);
+                    if (message_colors == default_colors) message_colors = null;
+                }
+                if (!message_colors) message_colors = session_data.mailstore.getSignatureColors(message.signature);
 
                 if (typeof message.subject == "object" && message.subject) message.subject = wtvshared.decodeBufferText(message.subject);
                 data = `<wtvnoscript>
@@ -275,7 +284,10 @@ ${(message.subject) ? wtvshared.htmlEntitize(message.subject) : '(No subject)'}
                     message.body = wtvshared.decodeBufferText(message.body);
                 }
                 if (message.body) message.body = message.body.replace(/\n/g, "<br><br>");
-                data += `${(message.allow_html) ? message.body : wtvshared.htmlEntitize(message.body, true)}
+                if (message.body.indexOf("<html>") >= 0) {
+                    message.allow_html = true;
+                }
+                data += `${(message.allow_html) ? wtvshared.sanitizeSignature(message.body) : wtvshared.htmlEntitize(message.body, true)}
 <br>
 <br>`;
                 if (message.signature) {
@@ -283,6 +295,7 @@ ${(message.subject) ? wtvshared.htmlEntitize(message.subject) : '(No subject)'}
                 }
                 data += `<p>
 `;
+                console.log(message.body);
                 console.log(message.allow_html)
                 if (Array.isArray(message.attachments)) {
                     message.attachments.forEach((v, k) => {
diff --git a/zefie_wtvp_minisrv/includes/ServiceVault/wtv-news/news.js b/zefie_wtvp_minisrv/includes/ServiceVault/wtv-news/news.js
index 1de59247..f4884901 100644
--- a/zefie_wtvp_minisrv/includes/ServiceVault/wtv-news/news.js
+++ b/zefie_wtvp_minisrv/includes/ServiceVault/wtv-news/news.js
@@ -347,6 +347,14 @@ wtv-expire-all: wtv-news:/news?group=${group}&article=`;
                         if (signature_index) attachments.splice(signature_index, 1);
                     }
                 }
+
+                if (message_body.indexOf("<body")) {
+                    var default_colors = session_data.mailstore.defaultColors;
+                    var message_colors = session_data.mailstore.getSignatureColors(message_body);
+                    if ((message_colors == default_colors) && signature) message_colors = null;
+                }
+                if (!message_colors && signature) message_colors = session_data.mailstore.getSignatureColors(signature);
+
                 if (signature) message_colors = session_data.mailstore.getSignatureColors(signature);
 
                 data = `<head>
@@ -580,7 +588,6 @@ ${wtvshared.htmlEntitize(response.article.headers.NEWSGROUPS)}
 <td valign=top>
 Date: <td>
 ${strftime("%a, %b %e, %Y, %I:%M%P", new Date(Date.parse(response.article.headers.DATE)))}
-<font size=-1> </font>
 <tr>
 <td valign=top>
 From:
@@ -594,19 +601,26 @@ From:
                 data += `<tr>
 <td nowrap valign=top>
 <td>
+<tr>
+<td valign=top>Subject:
+<td>${(response.article.headers.SUBJECT) ? wtvshared.htmlEntitize(response.article.headers.SUBJECT) : '(No subject)'}
 </table>
+<br><br>
 <table cellspacing=0 cellpadding=0>
 <tr>
 <td abswidth=10 rowspan=99>
-<td><br><br><br><font color=E7CE4A>
-${(response.article.headers.SUBJECT) ? wtvshared.htmlEntitize(response.article.headers.SUBJECT) : '(No subject)'}<br><br>
-</font>
-<td abswidth=20 rowspan=99>
+
 <tr>
 <td>
-`                
+`;
+                var allow_html = false;
+                if (message_body) {
+                    if (message_body.indexOf("<html>") >= 0) {
+                        allow_html = true;
+                    }
+                }
+                data += (allow_html) ? wtvshared.sanitizeSignature(message_body) : wtvshared.htmlEntitize(message_body, true)
                 data += `
-${wtvshared.htmlEntitize(message_body, true)}
 <br>
 <br>`;
                 if (signature) data += wtvshared.sanitizeSignature(signature);
diff --git a/zefie_wtvp_minisrv/includes/classes/WTVShared.js b/zefie_wtvp_minisrv/includes/classes/WTVShared.js
index ecc85a44..dfbcf803 100644
--- a/zefie_wtvp_minisrv/includes/classes/WTVShared.js
+++ b/zefie_wtvp_minisrv/includes/classes/WTVShared.js
@@ -250,6 +250,7 @@ class WTVShared {
                 allowedProtocols.push(k);
             }
         });
+        console.log(allowedProtocols);
 
         const clean = this.sanitizeHtml(string, {
             allowedTags: ['a', 'audioscope', 'b', 'bgsound', 'big', 'blackface', 'blockquote', 'bq', 'br', 'caption', 'center', 'cite', 'c', 'dd', 'dfn', 'div', 'dl', 'dt', 'fn', 'font', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'html', 'i', 'img', 'label', 'li', 'link', 'listing', 'em', 'marquee', 'nobr', 'note', 'ol', 'p', 'plaintext', 'pre', 's', 'samp', 'small', 'span', 'strike', 'strong', 'sub', 'sup', 'tbody', 'table', 'td', 'th', 'tr', 'tt', 'u', 'ul'],
@@ -265,13 +266,15 @@ class WTVShared {
             allowedSchemesByTag: {},
             allowedSchemesAppliedToAttributes: ['href', 'src', 'cite'],
             exclusiveFilter: function (frame) {
-                var allowed = false;
+                var allowed = true;
                 Object.keys(frame.attribs).forEach((k) => {
                     if (k == "href" || k == "background" || k == "src") {
+                        var allowed = false;
                         var value = frame.attribs[k];                        
                         Object.keys(allowedProtocols).forEach((j) => {
                             if (value.startsWith(allowedProtocols[j])) {
                                 allowed = true;
+                                return false;
                             }
                         })                        
                     }

-	-${(response.article.headers.SUBJECT) ? wtvshared.htmlEntitize(response.article.headers.SUBJECT) : '(No subject)'} - -	+
	-` +`; + var allow_html = false; + if (message_body) { + if (message_body.indexOf("") >= 0) { + allow_html = true; + } + } + data += (allow_html) ? wtvshared.sanitizeSignature(message_body) : wtvshared.htmlEntitize(message_body, true) data += ` -${wtvshared.htmlEntitize(message_body, true)} `; if (signature) data += wtvshared.sanitizeSignature(signature); diff --git a/zefie_wtvp_minisrv/includes/classes/WTVShared.js b/zefie_wtvp_minisrv/includes/classes/WTVShared.js index ecc85a44..dfbcf803 100644 --- a/zefie_wtvp_minisrv/includes/classes/WTVShared.js +++ b/zefie_wtvp_minisrv/includes/classes/WTVShared.js @@ -250,6 +250,7 @@ class WTVShared { allowedProtocols.push(k); } }); + console.log(allowedProtocols); const clean = this.sanitizeHtml(string, { allowedTags: ['a', 'audioscope', 'b', 'bgsound', 'big', 'blackface', 'blockquote', 'bq', 'br', 'caption', 'center', 'cite', 'c', 'dd', 'dfn', 'div', 'dl', 'dt', 'fn', 'font', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'html', 'i', 'img', 'label', 'li', 'link', 'listing', 'em', 'marquee', 'nobr', 'note', 'ol', 'p', 'plaintext', 'pre', 's', 'samp', 'small', 'span', 'strike', 'strong', 'sub', 'sup', 'tbody', 'table', 'td', 'th', 'tr', 'tt', 'u', 'ul'], @@ -265,13 +266,15 @@ class WTVShared { allowedSchemesByTag: {}, allowedSchemesAppliedToAttributes: ['href', 'src', 'cite'], exclusiveFilter: function (frame) { - var allowed = false; + var allowed = true; Object.keys(frame.attribs).forEach((k) => { if (k == "href" \|\| k == "background" \|\| k == "src") { + var allowed = false; var value = frame.attribs[k]; Object.keys(allowedProtocols).forEach((j) => { if (value.startsWith(allowedProtocols[j])) { allowed = true; + return false; } }) }