[FIX]tools/mail: fix regex when sanitizing html containing mail address
bzr revid: csn@openerp.com-20130308104850-02nfuaxdr91bo0nx
This commit is contained in:
parent
87a26bde3b
commit
f05aff8ac9
|
@ -50,7 +50,7 @@ def html_sanitize(src):
|
|||
src = ustr(src, errors='replace')
|
||||
|
||||
# html encode email tags
|
||||
part = re.compile(r"(<[^<>]+@[^<>]+>)", re.IGNORECASE | re.DOTALL)
|
||||
part = re.compile(r"(<(([^a<>]|a[^<>\s])[^<>]*)@[^<>]+>)", re.IGNORECASE | re.DOTALL)
|
||||
src = part.sub(lambda m: cgi.escape(m.group(1)), src)
|
||||
|
||||
# some corner cases make the parser crash (such as <SCRIPT/XSS SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT> in test_mail)
|
||||
|
|
Loading…
Reference in New Issue