zefie/minisrv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Apply security updates to signature preview

Browse Source
This commit is contained in:
zefie
2022-11-25 11:55:55 -05:00
parent 61997e4c73
commit 4b6625b02c
2 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
zefie_wtvp_minisrv/ServiceVault/wtv-mail/get-signature.js
View File

@@ -20,9 +20,14 @@ if (request_headers.query.sanitize) {
if (data.indexOf("<html>") >= 0) { if (data.indexOf("<html>") >= 0) {
data = wtvshared.sanitizeSignature(data).replace("<html>", `<html><body bgcolor=${message_colors.bgcolor} text=${message_colors.text} link=${message_colors.link} vlink=${message_colors.vlink} vspace=0 hspace=0>`); data = wtvshared.sanitizeSignature(data).replace("<html>", `<html><body bgcolor=${message_colors.bgcolor} text=${message_colors.text} link=${message_colors.link} vlink=${message_colors.vlink} vspace=0 hspace=0>`);
} else { } else {
data = `<body bgcolor=${message_colors.bgcolor} text=${message_colors.text} link=${message_colors.link} vlink=${message_colors.vlink} vspace=0 hspace=0>\n${data}`; data = `<body bgcolor=${message_colors.bgcolor} text=${message_colors.text} link=${message_colors.link} vlink=${message_colors.vlink} vspace=0 hspace=0>\n${wtvshared.sanitizeSignature(data)}`;
}
if (request_headers.query.showdemotext) {
data += `<br>
<hr>This is a preview of your signature. The text below the line will not appear in your outgoing messages.
It is provided to demonstrate what a message composed with this signature may look like.
<a href="client:donothing">This is what a link looks like</a>`;
} }
if (request_headers.query.demotext) data += "<br>" + request_headers.query.demotext;
} }
if (!errpage) { if (!errpage) {
headers = `200 OK headers = `200 OK

2
zefie_wtvp_minisrv/ServiceVault/wtv-setup/mail-signature.js
View File

@@ -117,7 +117,7 @@ ${(request_headers.query.preview) ? "<tr><td><td colspan=3><b>Signature Preview:
<tr> <tr>
<TD> <TD>
<td colspan=3 valign=top align=left bgcolor="${(request_headers.query.preview) ? message_colors.bgcolor : "0D0D0D"}"> <td colspan=3 valign=top align=left bgcolor="${(request_headers.query.preview) ? message_colors.bgcolor : "0D0D0D"}">
${(request_headers.query.preview) ? `<embed src="wtv-mail:/get-signature?sanitize=true&demotext=${encodeURIComponent(`<hr>This is a preview of your signature. The text below the line will not appear in your outgoing messages. It is provided to demonstrate what a message composed with this signature may look like. <a href="client:donothing">This is what a link looks like</a>.`)}" height=40></embed><br><br>` : ''} ${(request_headers.query.preview) ? `<embed src="wtv-mail:/get-signature?sanitize=true&showdemotext=true" height=40></embed><br><br>` : ''}
<tr> <tr>
<td> <td>
<td colspan=3 height=2 valign=top align=left> <td colspan=3 height=2 valign=top align=left>