Fix HTML, CSS and JS leaking into conversation list preview. Bug 714317
When generating the preview, only the first 128 bytes of the first MIME
part is fetched and used. If this part is text/html with a significant
amount of embedded CSS, then there is a good chance the string passed to
Geary.HTML::remove_html_tags() will be invalid, or be missing closing
elements. Since that function uses regexes that require balanced tags to
remove script and style blocks, then it was very possible that in these
cases this method will miss removing these blocks.
To solve this, remove_html_tags() is removed and its call sites are
replaced by calls to Geary.HTML::html_to_text(), which has been tidyied
up to produce more human-readable result.
Add unit tests to cover new html_to_text functionality and its call
sites.
* src/engine/util/util-html.vala: Remove remove_html_tags(). Update
html_to_text() to not just insert line breaks, but also insert spaces
and alt text, and ignore tags like HEAD, SCRIPT and STYLE, as
appropriate. Add an optional param to also allow skipping BLOCKQUOTE
elements, which we don't want in the preview.
2016-12-18 23:28:53 +11:00
/ *
* Copyright 2016 Michael Gratton < mike @ vee . net >
*
* This software is licensed under the GNU Lesser General Public License
* ( version 2.1 or later ) . See the COPYING file in this distribution .
* /
2018-03-09 11:58:02 +11:00
class Geary . RFC822 . MessageDataTest : TestCase {
Fix HTML, CSS and JS leaking into conversation list preview. Bug 714317
When generating the preview, only the first 128 bytes of the first MIME
part is fetched and used. If this part is text/html with a significant
amount of embedded CSS, then there is a good chance the string passed to
Geary.HTML::remove_html_tags() will be invalid, or be missing closing
elements. Since that function uses regexes that require balanced tags to
remove script and style blocks, then it was very possible that in these
cases this method will miss removing these blocks.
To solve this, remove_html_tags() is removed and its call sites are
replaced by calls to Geary.HTML::html_to_text(), which has been tidyied
up to produce more human-readable result.
Add unit tests to cover new html_to_text functionality and its call
sites.
* src/engine/util/util-html.vala: Remove remove_html_tags(). Update
html_to_text() to not just insert line breaks, but also insert spaces
and alt text, and ignore tags like HEAD, SCRIPT and STYLE, as
appropriate. Add an optional param to also allow skipping BLOCKQUOTE
elements, which we don't want in the preview.
2016-12-18 23:28:53 +11:00
public MessageDataTest ( ) {
base ( " Geary.RFC822.MessageDataTest " ) ;
2019-03-03 15:51:35 +11:00
add_test ( " date_from_rfc822 " , date_from_rfc822 ) ;
2019-10-10 08:55:42 +11:00
add_test ( " date_from_rfc822 " , date_from_rfc822 ) ;
2019-03-03 15:51:35 +11:00
add_test ( " date_to_rfc822 " , date_to_rfc822 ) ;
2019-10-10 08:55:42 +11:00
add_test ( " header_from_rfc822 " , header_from_rfc822 ) ;
add_test ( " header_names_from_rfc822 " , header_names_from_rfc822 ) ;
Fix HTML, CSS and JS leaking into conversation list preview. Bug 714317
When generating the preview, only the first 128 bytes of the first MIME
part is fetched and used. If this part is text/html with a significant
amount of embedded CSS, then there is a good chance the string passed to
Geary.HTML::remove_html_tags() will be invalid, or be missing closing
elements. Since that function uses regexes that require balanced tags to
remove script and style blocks, then it was very possible that in these
cases this method will miss removing these blocks.
To solve this, remove_html_tags() is removed and its call sites are
replaced by calls to Geary.HTML::html_to_text(), which has been tidyied
up to produce more human-readable result.
Add unit tests to cover new html_to_text functionality and its call
sites.
* src/engine/util/util-html.vala: Remove remove_html_tags(). Update
html_to_text() to not just insert line breaks, but also insert spaces
and alt text, and ignore tags like HEAD, SCRIPT and STYLE, as
appropriate. Add an optional param to also allow skipping BLOCKQUOTE
elements, which we don't want in the preview.
2016-12-18 23:28:53 +11:00
add_test ( " PreviewText.with_header " , preview_text_with_header ) ;
}
2020-05-06 13:54:59 +10:00
public void preview_text_with_header ( ) throws GLib . Error {
2016-12-19 01:59:32 +11:00
PreviewText plain_preview1 = new PreviewText . with_header (
2018-05-10 13:47:47 +10:00
new Geary . Memory . StringBuffer ( PLAIN_BODY1_HEADERS ) ,
new Geary . Memory . StringBuffer ( PLAIN_BODY1_ENCODED )
2016-12-19 01:59:32 +11:00
) ;
2020-05-09 16:04:22 +10:00
assert_equal ( plain_preview1 . buffer . to_string ( ) , PLAIN_BODY1_EXPECTED ) ;
2016-12-19 01:59:32 +11:00
2016-12-21 10:45:21 +11:00
PreviewText base64_preview = new PreviewText . with_header (
2018-05-10 13:47:47 +10:00
new Geary . Memory . StringBuffer ( BASE64_BODY_HEADERS ) ,
new Geary . Memory . StringBuffer ( BASE64_BODY_ENCODED )
2016-12-21 10:45:21 +11:00
) ;
2020-05-09 16:04:22 +10:00
assert_equal ( base64_preview . buffer . to_string ( ) , BASE64_BODY_EXPECTED ) ;
2016-12-21 10:45:21 +11:00
2016-12-19 01:59:32 +11:00
string html_part_headers = " Content-Type: text/html; charset=utf-8 \r \n Content-Transfer-Encoding: quoted-printable \r \n \r \n " ;
Fix HTML, CSS and JS leaking into conversation list preview. Bug 714317
When generating the preview, only the first 128 bytes of the first MIME
part is fetched and used. If this part is text/html with a significant
amount of embedded CSS, then there is a good chance the string passed to
Geary.HTML::remove_html_tags() will be invalid, or be missing closing
elements. Since that function uses regexes that require balanced tags to
remove script and style blocks, then it was very possible that in these
cases this method will miss removing these blocks.
To solve this, remove_html_tags() is removed and its call sites are
replaced by calls to Geary.HTML::html_to_text(), which has been tidyied
up to produce more human-readable result.
Add unit tests to cover new html_to_text functionality and its call
sites.
* src/engine/util/util-html.vala: Remove remove_html_tags(). Update
html_to_text() to not just insert line breaks, but also insert spaces
and alt text, and ignore tags like HEAD, SCRIPT and STYLE, as
appropriate. Add an optional param to also allow skipping BLOCKQUOTE
elements, which we don't want in the preview.
2016-12-18 23:28:53 +11:00
2016-12-19 01:59:32 +11:00
PreviewText html_preview1 = new PreviewText . with_header (
2018-05-10 13:47:47 +10:00
new Geary . Memory . StringBuffer ( html_part_headers ) ,
new Geary . Memory . StringBuffer ( HTML_BODY1_ENCODED )
Fix HTML, CSS and JS leaking into conversation list preview. Bug 714317
When generating the preview, only the first 128 bytes of the first MIME
part is fetched and used. If this part is text/html with a significant
amount of embedded CSS, then there is a good chance the string passed to
Geary.HTML::remove_html_tags() will be invalid, or be missing closing
elements. Since that function uses regexes that require balanced tags to
remove script and style blocks, then it was very possible that in these
cases this method will miss removing these blocks.
To solve this, remove_html_tags() is removed and its call sites are
replaced by calls to Geary.HTML::html_to_text(), which has been tidyied
up to produce more human-readable result.
Add unit tests to cover new html_to_text functionality and its call
sites.
* src/engine/util/util-html.vala: Remove remove_html_tags(). Update
html_to_text() to not just insert line breaks, but also insert spaces
and alt text, and ignore tags like HEAD, SCRIPT and STYLE, as
appropriate. Add an optional param to also allow skipping BLOCKQUOTE
elements, which we don't want in the preview.
2016-12-18 23:28:53 +11:00
) ;
2020-05-09 16:04:22 +10:00
assert_equal ( html_preview1 . buffer . to_string ( ) , HTML_BODY1_EXPECTED ) ;
Fix HTML, CSS and JS leaking into conversation list preview. Bug 714317
When generating the preview, only the first 128 bytes of the first MIME
part is fetched and used. If this part is text/html with a significant
amount of embedded CSS, then there is a good chance the string passed to
Geary.HTML::remove_html_tags() will be invalid, or be missing closing
elements. Since that function uses regexes that require balanced tags to
remove script and style blocks, then it was very possible that in these
cases this method will miss removing these blocks.
To solve this, remove_html_tags() is removed and its call sites are
replaced by calls to Geary.HTML::html_to_text(), which has been tidyied
up to produce more human-readable result.
Add unit tests to cover new html_to_text functionality and its call
sites.
* src/engine/util/util-html.vala: Remove remove_html_tags(). Update
html_to_text() to not just insert line breaks, but also insert spaces
and alt text, and ignore tags like HEAD, SCRIPT and STYLE, as
appropriate. Add an optional param to also allow skipping BLOCKQUOTE
elements, which we don't want in the preview.
2016-12-18 23:28:53 +11:00
2016-12-19 01:59:32 +11:00
PreviewText html_preview2 = new PreviewText . with_header (
2018-05-10 13:47:47 +10:00
new Geary . Memory . StringBuffer ( html_part_headers ) ,
new Geary . Memory . StringBuffer ( HTML_BODY2_ENCODED )
Fix HTML, CSS and JS leaking into conversation list preview. Bug 714317
When generating the preview, only the first 128 bytes of the first MIME
part is fetched and used. If this part is text/html with a significant
amount of embedded CSS, then there is a good chance the string passed to
Geary.HTML::remove_html_tags() will be invalid, or be missing closing
elements. Since that function uses regexes that require balanced tags to
remove script and style blocks, then it was very possible that in these
cases this method will miss removing these blocks.
To solve this, remove_html_tags() is removed and its call sites are
replaced by calls to Geary.HTML::html_to_text(), which has been tidyied
up to produce more human-readable result.
Add unit tests to cover new html_to_text functionality and its call
sites.
* src/engine/util/util-html.vala: Remove remove_html_tags(). Update
html_to_text() to not just insert line breaks, but also insert spaces
and alt text, and ignore tags like HEAD, SCRIPT and STYLE, as
appropriate. Add an optional param to also allow skipping BLOCKQUOTE
elements, which we don't want in the preview.
2016-12-18 23:28:53 +11:00
) ;
2020-05-09 16:04:22 +10:00
assert_equal ( html_preview2 . buffer . to_string ( ) , HTML_BODY2_EXPECTED ) ;
Fix HTML, CSS and JS leaking into conversation list preview. Bug 714317
When generating the preview, only the first 128 bytes of the first MIME
part is fetched and used. If this part is text/html with a significant
amount of embedded CSS, then there is a good chance the string passed to
Geary.HTML::remove_html_tags() will be invalid, or be missing closing
elements. Since that function uses regexes that require balanced tags to
remove script and style blocks, then it was very possible that in these
cases this method will miss removing these blocks.
To solve this, remove_html_tags() is removed and its call sites are
replaced by calls to Geary.HTML::html_to_text(), which has been tidyied
up to produce more human-readable result.
Add unit tests to cover new html_to_text functionality and its call
sites.
* src/engine/util/util-html.vala: Remove remove_html_tags(). Update
html_to_text() to not just insert line breaks, but also insert spaces
and alt text, and ignore tags like HEAD, SCRIPT and STYLE, as
appropriate. Add an optional param to also allow skipping BLOCKQUOTE
elements, which we don't want in the preview.
2016-12-18 23:28:53 +11:00
}
2019-10-10 08:55:42 +11:00
public void header_from_rfc822 ( ) throws GLib . Error {
Header test_article = new Header ( new Memory . StringBuffer ( HEADER_FIXTURE ) ) ;
2020-05-09 16:04:22 +10:00
assert_equal ( test_article . get_header ( " From " ) , " Test <test@example.com> " ) ;
assert_equal ( test_article . get_header ( " Subject " ) , " test " ) ;
assert_null ( test_article . get_header ( " Blah " ) ) ;
2019-10-10 08:55:42 +11:00
}
public void header_names_from_rfc822 ( ) throws GLib . Error {
Header test_article = new Header ( new Memory . StringBuffer ( HEADER_FIXTURE ) ) ;
2020-05-09 16:04:22 +10:00
assert_equal < int ? > ( test_article . get_header_names ( ) . length , 2 ) ;
assert_equal ( test_article . get_header_names ( ) [ 0 ] , " From " ) ;
assert_equal ( test_article . get_header_names ( ) [ 1 ] , " Subject " ) ;
2019-10-10 08:55:42 +11:00
}
2019-03-03 15:51:35 +11:00
public void date_from_rfc822 ( ) throws GLib . Error {
const string FULL_HOUR_TZ = " Thu, 28 Feb 2019 00:00:00 -0100 " ;
2020-05-06 11:27:00 +10:00
Date full_hour_tz = new Date . from_rfc822_string ( FULL_HOUR_TZ ) ;
2020-05-09 16:04:22 +10:00
assert_equal < int64 ? > (
2019-03-03 15:51:35 +11:00
full_hour_tz . value . get_utc_offset ( ) ,
2020-05-09 16:04:22 +10:00
( ( int64 ) ( - 1 * 3600 ) ) * 1000 * 1000 ,
2019-03-03 15:51:35 +11:00
" full_hour_tz.value.get_utc_offset "
) ;
2020-05-09 16:04:22 +10:00
assert_equal < int ? > ( full_hour_tz . value . get_hour ( ) , 0 , " full_hour_tz hour " ) ;
assert_equal < int ? > ( full_hour_tz . value . get_minute ( ) , 0 , " full_hour_tz minute " ) ;
assert_equal < int ? > ( full_hour_tz . value . get_second ( ) , 0 , " full_hour_tz second " ) ;
assert_equal < int ? > ( full_hour_tz . value . get_day_of_month ( ) , 28 , " full_hour_tz day " ) ;
assert_equal < int ? > ( full_hour_tz . value . get_month ( ) , 2 , " full_hour_tz month " ) ;
assert_equal < int ? > ( full_hour_tz . value . get_year ( ) , 2019 , " full_hour_tz year " ) ;
assert_equal < int64 ? > (
2019-03-03 15:51:35 +11:00
full_hour_tz . value . to_unix ( ) ,
2020-05-09 16:04:22 +10:00
full_hour_tz . value . to_utc ( ) . to_unix ( ) ,
2019-03-03 15:51:35 +11:00
" to_unix not UTC "
) ;
const string HALF_HOUR_TZ = " Thu, 28 Feb 2019 00:00:00 +1030 " ;
2020-05-06 11:27:00 +10:00
Date half_hour_tz = new Date . from_rfc822_string ( HALF_HOUR_TZ ) ;
2020-05-09 16:04:22 +10:00
assert_equal < int64 ? > (
half_hour_tz . value . get_utc_offset ( ) ,
( ( int64 ) ( 10.5 * 3600 ) ) * 1000 * 1000
2019-03-03 15:51:35 +11:00
) ;
2020-05-09 16:04:22 +10:00
assert_equal < int ? > ( half_hour_tz . value . get_hour ( ) , 0 ) ;
assert_equal < int ? > ( half_hour_tz . value . get_minute ( ) , 0 ) ;
assert_equal < int ? > ( half_hour_tz . value . get_second ( ) , 0 ) ;
assert_equal < int ? > ( half_hour_tz . value . get_day_of_month ( ) , 28 ) ;
assert_equal < int ? > ( half_hour_tz . value . get_month ( ) , 2 ) ;
assert_equal < int ? > ( half_hour_tz . value . get_year ( ) , 2019 ) ;
2019-03-03 15:51:35 +11:00
}
public void date_to_rfc822 ( ) throws GLib . Error {
const string FULL_HOUR_TZ = " Thu, 28 Feb 2019 00:00:00 -0100 " ;
2020-05-06 11:27:00 +10:00
Date full_hour_tz = new Date . from_rfc822_string ( FULL_HOUR_TZ ) ;
2020-05-09 16:04:22 +10:00
assert_equal ( full_hour_tz . to_rfc822_string ( ) , FULL_HOUR_TZ ) ;
2019-03-03 15:51:35 +11:00
const string HALF_HOUR_TZ = " Thu, 28 Feb 2019 00:00:00 +1030 " ;
2020-05-06 11:27:00 +10:00
Date half_hour_tz = new Date . from_rfc822_string ( HALF_HOUR_TZ ) ;
2020-05-09 16:04:22 +10:00
assert_equal ( half_hour_tz . to_rfc822_string ( ) , HALF_HOUR_TZ ) ;
2019-03-03 15:51:35 +11:00
const string NEG_HALF_HOUR_TZ = " Thu, 28 Feb 2019 00:00:00 -1030 " ;
2020-05-06 11:27:00 +10:00
Date neg_half_hour_tz = new Date . from_rfc822_string ( NEG_HALF_HOUR_TZ ) ;
2020-05-09 16:04:22 +10:00
assert_equal ( neg_half_hour_tz . to_rfc822_string ( ) , NEG_HALF_HOUR_TZ ) ;
2019-03-03 15:51:35 +11:00
}
2019-10-10 08:55:42 +11:00
private const string HEADER_FIXTURE = " " " From: Test <test@example.com>
Subject : test
" " " ;
2016-12-19 01:59:32 +11:00
public static string PLAIN_BODY1_HEADERS = " Content-Type: text/plain; charset= \" us-ascii \" \r \n Content-Transfer-Encoding: 7bit \r \n " ;
2016-12-19 18:44:39 +11:00
public static string PLAIN_BODY1_ENCODED = " -----BEGIN PGP SIGNED MESSAGE----- \r \n Hash: SHA512 \r \n \r \n ============================================================================= \r \n FreeBSD-EN-16:11.vmbus Errata Notice \r \n The FreeBSD Project \r \n \r \n Topic: Avoid using spin locks for channel message locks \r \n \r \n Category: core \r \n Module: vmbus \r \n Announced: 2016-08-12 \r \n Credits: Microsoft OSTC \r \n Affects: FreeBSD 10.3 \r \n Corrected: 2016-06-15 09:52:01 UTC (stable/10, 10.3-STABLE) \r \n 2016-08-12 04:01:16 UTC (releng/10.3, 10.3-RELEASE-p7) \r \n \r \n For general information regarding FreeBSD Errata Notices and Security \r \n Advisories, including descriptions of the fields above, security \r \n branches, and the following sections, please visit \r \n <URL:https://security.FreeBSD.org/>. \r \n " ;
2016-12-20 12:07:52 +11:00
public static string PLAIN_BODY1_EXPECTED = " FreeBSD-EN-16:11.vmbus Errata Notice The FreeBSD Project Topic: Avoid using spin locks for channel message locks Category: core Module: vmbus Announced: 2016-08-12 Credits: Microsoft OSTC Affects: FreeBSD 10.3 Corrected: 2016-06-15 09:52:01 UTC (stable/10, 10.3-STABLE) 2016-08-12 04:01:16 UTC (releng/10.3, 10.3-RELEASE-p7) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:https://security.FreeBSD.org/>. " ;
2016-12-19 01:59:32 +11:00
2016-12-21 10:45:21 +11:00
public static string BASE64_BODY_HEADERS = " Content-Transfer-Encoding: base64 \r \n Content-Type: text/plain; charset= \" utf-8 \" ; Format= \" flowed \" \r \n " ;
public static string BASE64_BODY_ENCODED = " CkhleSBSaWNhcmRvLAoKVGhhbmtzIGZvciBsb29raW5nIGludG8gdGhpcy4KCk9uIFR1ZSwgRGVj \r \n IDEzLCAyMDE2IGF0IDEwOjIzIEFNLCBSaWNhcmRvIEJ1Z2FsaG8gPHJidWdhbGhvQGdtYWlsLmNv \r \n bT4gCndyb3RlOgo+IGZyb20gbXkgdGVzdGluZywgdGhlIHByZWZldGNoX3BlcmlvZF9kYXlzIGRv \r \n ZXMgbm90IHdvcmsgZm9yIElOQk9YLgo+IFRoaXMgaXMgYW5ub3lpbmcsIEkgd2FudCB0byBwcmVm \r \n ZXRjaCBhbGwgbXkgZS1tYWlsLCBzbyBJIGNhbiBydW4gCj4gc2VhcmNoCj4gZXMuCj4gCj4gQXMg \r \n ZmFyIGFzIEkgY291bGQsIEkndmUgdHJhY2VkIHRoZSBwcm9ibGVtIGRvd24gdG8gdGhpcyBjb25k \r \n aXRpb24gaW4KPiBzZW5kX2FsbDoKPiAKPiAgICAgaWYgKGltYXBfZm9sZGVyLmdldF9vcGVuX3N0 \r \n YXRlKCkgIT0gRm9sZGVyLk9wZW5TdGF0ZS5DTE9TRUQpCj4gICAgICAgICAgICAgICAgIGNvbnRp \r \n bnVlOwo+IAo+IGh0dHBzOi8vZ2l0aHViLmNvbS9HTk9NRS9nZWFyeS9ibG9iL21hc3Rlci9zcmMv \r \n ZW5naW5lL2ltYXAtZW5naW5lL2ltYXAtCj4gZW5naW5lLWFjY291bnQtc3luY2hyb25pemVyLnZh \r \n bGEjTDE1MQo+IAo+IElOQk9YIGlzIGFsd2F5cyBvcGVuIGFuZCB0aHVzIGlzIG5ldmVyIHNlbnQg \r \n dG8gcHJvY2Vzc19xdWV1ZV9hc3luYy4KPiAKPi " ;
public static string BASE64_BODY_EXPECTED = " Hey Ricardo, Thanks for looking into this. On Tue, Dec 13, 2016 at 10:23 AM, Ricardo Bugalho <rbugalho@gmail.com> wrote: " ;
Fix HTML, CSS and JS leaking into conversation list preview. Bug 714317
When generating the preview, only the first 128 bytes of the first MIME
part is fetched and used. If this part is text/html with a significant
amount of embedded CSS, then there is a good chance the string passed to
Geary.HTML::remove_html_tags() will be invalid, or be missing closing
elements. Since that function uses regexes that require balanced tags to
remove script and style blocks, then it was very possible that in these
cases this method will miss removing these blocks.
To solve this, remove_html_tags() is removed and its call sites are
replaced by calls to Geary.HTML::html_to_text(), which has been tidyied
up to produce more human-readable result.
Add unit tests to cover new html_to_text functionality and its call
sites.
* src/engine/util/util-html.vala: Remove remove_html_tags(). Update
html_to_text() to not just insert line breaks, but also insert spaces
and alt text, and ignore tags like HEAD, SCRIPT and STYLE, as
appropriate. Add an optional param to also allow skipping BLOCKQUOTE
elements, which we don't want in the preview.
2016-12-18 23:28:53 +11:00
public static string HTML_BODY1_ENCODED = " " " <html><head>
< meta http - equiv = 3 DContent - Type content = 3 D " text/html; charset=3Dutf-8 " >
< style >
. bodyblack { font - family : Verdana , Arial , Helvetica , sans - serif ; font - size : =
12 px ; }
td { font - size : 12 px ; }
. footer { font - family : Verdana , Arial , Helvetica , sans - serif ; font - size : 10 =
px ; }
< / style >
< / head >
< body > < table cellSpacing = 3 D " 0 " cellPadding = 3 D " 0 " width = 3 D " 450 " border = 3 D " 0 " =
class = 3 D " bodyblack " > < tr > < td >
< p > < br / > Hi Kenneth , < br / > < br / > We xxxxx xxxx xx xxx xxx xx xxxx x xxxxx =
xxx xxxxxxxx . = C2 = A0 < br / > < br / > < br / > < br / > Thank you , < br / > < br / > XXXXX =
X XXXXXX < br / > < br / > You can reply directly to this message or click the fol =
lowing link : < br / > < a href = 3 D " https://app.foobar.com/xxxxxxxx752a0ab01641966=
deff6c48623aba " >https://app.foobar.com/xxxxxxxxxxxxxxxx1641966deff6c48623ab=
a < / a > < br / > < br / > You can change your email preferences at : < br / > < a href = 3 D " =
https : //app.foobar.com/xxxxxxxxxxxxx">https://app.foobar.com/xxxxxxxxxxx</a=
> < / p > < / td > < / tr >
< / table > < / body > < / html > " " " ;
2018-01-29 09:57:24 +10:30
public static string HTML_BODY1_EXPECTED = " Hi Kenneth, We xxxxx xxxx xx xxx xxx xx xxxx x xxxxxxxx xxxxxxxx. Thank you, XXXXXX XXXXXX You can reply directly to this message or click the following link: https://app.foobar.com/xxxxxxxxxxxxxxxx1641966deff6c48623aba You can change your email preferences at: https://app.foobar.com/xxxxxxxxxxx " ;
Fix HTML, CSS and JS leaking into conversation list preview. Bug 714317
When generating the preview, only the first 128 bytes of the first MIME
part is fetched and used. If this part is text/html with a significant
amount of embedded CSS, then there is a good chance the string passed to
Geary.HTML::remove_html_tags() will be invalid, or be missing closing
elements. Since that function uses regexes that require balanced tags to
remove script and style blocks, then it was very possible that in these
cases this method will miss removing these blocks.
To solve this, remove_html_tags() is removed and its call sites are
replaced by calls to Geary.HTML::html_to_text(), which has been tidyied
up to produce more human-readable result.
Add unit tests to cover new html_to_text functionality and its call
sites.
* src/engine/util/util-html.vala: Remove remove_html_tags(). Update
html_to_text() to not just insert line breaks, but also insert spaces
and alt text, and ignore tags like HEAD, SCRIPT and STYLE, as
appropriate. Add an optional param to also allow skipping BLOCKQUOTE
elements, which we don't want in the preview.
2016-12-18 23:28:53 +11:00
public static string HTML_BODY2_ENCODED = " " " <!DOCTYPE html>
< ! - - 2 c2a1c66 - 063 8 - 7 c87 - 5057 - bff8be4291eb_v180 - - >
< html >
< head >
< meta http - equiv = 3 D " Content-Type " content = 3 D " text/html; charset=3Dutf-8=
" ></meta><style type=3D " text / css " >
@ media only screen and ( max - width : 620 px ) {
body [ yahoo ] . device - width {
width : 450 px ! important
}
body [ yahoo ] . center {
text - align : center ! important
}
}
@ media only screen and ( max - width : 479 px ) {
body [ yahoo ] . device - width {
width : 300 px ! important ;
padding : 0
}
body [ yahoo ] . mobile - full - width {
width : 300 px ! important
}
}
body [ yahoo ] . mobile - full - width {
min - width : 103 px ;
max - width : 300 px ;
height : 38 px ;
}
body [ yahoo ] . mobile - full - width a {
display : block ;
padding : 10 px 0 ;
}
body [ yahoo ] . mobile - full - width td {
padding : 0 px ! important
}
body { width : 100 % ! important ; - webkit - text - size - adjust : 100 % ! important ; - =
ms - text - size - adjust : 100 % ! important ; - webkit - font - smoothing : antialiased ! =
important ; margin : 0 ! important ; padding : 0 0 100 px ! important ; font - family =
: Helvetica , Arial , sans - serif ! important ; background - color : # f9f9f9 }
. ReadMsgBody { width : 100 % ! important ; background - color : # ffffff ! important =
; }
. ExternalClass { width : 100 % ! important ; }
. ExternalClass { line - height : 100 % ! important ; }
img { display : block ! important ; outline : none ! important ; text - decoration : =
none ! important ; - ms - interpolation - mode : bicubic ! important ; }
td { word - wrap : break - word ; }
. blueLinks a {
color : # 0654 ba ! important ;
text - decoration : none ! important ;
}
. whiteLinks a {
color : # ffffff ! important ;
text - decoration : none ! important ;
font - weight : bold ! important ;
}
. wrapper {
width : 100 % ;
table - layout : fixed ;
- webkit - text - size - adjust : 100 % ;
- ms - text - size - adjust : 100 % ;
}
. webkit {
max - width : 100 % ;
margin : 0 auto ;
}
< / style > < ! - - [ if gte mso 9 ] >
< style > td . product - details - block { word - break : break - all } . threeColumns { width : 14 =
0 px ! important } . threeColumnsTd { padding : 10 px 20 px ! important } . fourColumns { wi =
dth : 158 px ! important } . fourColumnsPad { padding : 0 18 px 0 0 ! important } . fourCo =
lumnsTd { padding : 10 px 0 px ! important } . twoColumnSixty { width : 360 px ! important } =
table { mso - table - lspace : 0 pt ; mso - table - rspace : 0 pt ; } < / style >
< ! [ endif ] - - >
< style type = 3 D " text/css " >
@ media only screen and ( max - width : 2000 px ) {
* [ class = 3 Dcta - block ] {
padding : 24 px 0 24 px 0 px ! important ;
}
* [ class = 3 Dcta - block - 2 ] {
padding : 24 px 0 8 px 0 px ! important ;
}
* [ class = 3 Dcta - block - 3 ] {
padding : 8 px 0 24 px 0 px ! important ;
}
}
@ media only screen and ( max - width : 620 px ) {
* [ class = 3 Dcta - block ] {
padding : 24 px 0 24 px 0 px ! important ;
}
* [ class = 3 Dcta - block - 2 ] {
padding : 24 px 0 8 px 0 px ! important ;
}
* [ class = 3 Dcta - block - 3 ] {
padding : 8 px 0 24 px 0 px ! important ;
}
}
@ media screen and ( max - width : 480 px ) {
* [ class = 3 Dcta - block ] {
padding : 24 px 0 24 px ! important ;
}
* [ class = 3 Dcta - block - 2 ] {
padding : 24 px 0 8 px ! important ;
}
* [ class = 3 Dcta - block - 3 ] {
padding : 8 px 0 24 px ! important ;
}
* [ class = 3 Dmobile - ebayLogo ] {
padding : 8 px 0 8 px ! important ;
}
* [ class = 3 Dmobile - multi - item - left - image ] {
padding : 8 px 15 px 8 px 0 ! important ;
}
* [ class = 3 Dmobile - multi - item - right - image ] {
padding : 8 px 0 8 px 15 px ! important ;
}
* [ class = 3 Dmobile - dealmaker - headline ] {
font - size : 20 px ! important ;
line - height : 23 px ! important ;
}
td . mobile - dealmaker - CTA1 {
width : 303 px ! important ;
}
}
< / style >
< / head >
< body yahoo = 3 D " fix " > < center class = 3 D " wrapper " style = 3 D " background-color:=
# f9f9f9 " >
< div class = 3 D " webkit " style = 3 D " background-color: #f9f9f9 " > < table i =
d = 3 D " area2Container " width = 3 D " 100% " border = 3 D " 0 " cellpadding = 3 D " 0 " cellspac =
ing = 3 D " 0 " align = 3 D " center " style = 3 D " border-collapse: collapse !important; b=
order - spacing : 0 ! important ; border : none ; background - color : # f9f9f9 " >
< tr >
< td width = 3 D " 100% " valign = 3 D " top " style = 3 D " border-collapse: collapse !impor=
tant ; border - spacing : 0 ! important ; border : none ; " >
< table class = 3 D " device-width " style = 3 D " border-collapse: collapse !important=
; border - spacing : 0 ! important ; border : none ; " align=3D " center " bgcolor=3D " =
# f9f9f9 " border=3D " 0 " cellpadding=3D " 0 " cellspacing=3D " 0 " width=3D " 600 " >
< tbody >
< tr >
< td height = 3 D " 1 " valign = 3 D " top " style = 3 D " border-collapse: collapse !importa=
nt ; border - spacing : 0 ! important ; padding : 0 ; border : none ; font - size : 1 px ; =
line - height : 1 px ; color : # f9f9f9 " >
Buy It Now from US $ 1 , 750.00 to US $ 5 , 950.00 .
< / td >
< / tr >
< / tbody >
< / table >
< / td >
< / tr >
< / table > < table id = 3 D " area4Container " width = 3 D " 100% " border = 3 D " 0 " cellpaddi =
ng = 3 D " 0 " cellspacing = 3 D " 0 " align = 3 D " center " style = 3 D " border-collapse: colla=
pse ! important ; border - spacing : 0 ! important ; border : none ; background - colo =
r : # f9f9f9 " >
< tr >
< td width = 3 D " 100% " valign = 3 D " top " style = 3 D " border-collapse: collapse !impor=
tant ; border - spacing : 0 ! important ; border : none ; " >
< table width = 3 D " 600 " class = 3 D " device-width " border = 3 D " 0 " cellpadding = 3 D " 0 " =
cellspacing = 3 D " 0 " align = 3 D " center " style = 3 D " border-collapse: collapse !impo=
rtant ; border - spacing : 0 ! important ; border : none ; " >
< tr >
< td class = 3 D " mobile-ebayLogo " valign = 3 D " top " style = 3 D " border-collapse: coll=
apse ! important ; border - spacing : 0 ! important ; padding : 16 px 0 16 px ; border =
: none ; " ><a href=3D " http : //rover.ebay.com/rover/0/e11021.m1831.l3127/7?euid=
= 3 Dd9f42b5e860b4eabb98195c2888cba9e & bu = 3 D43210693952 & loc = 3 Dhttp % 3 A % 2F % 2F www =
. ebay . com . au % 2F ulk % 2F start % 2F shop & exe = 3 D15083 & ext = 3 D38992 & sojTags = 3 Dexe = 3 De =
xe , ext = 3 Dext , bu = 3 Dbu " style=3D " text - decoration : none ; color : # 0654 ba ; " ><img=
src = 3 D " http://p.ebaystatic.com/aw/email/eBayLogo.png " width = 3 D " 133 " border =
= 3 D " 0 " alt = 3 D " eBay " align = 3 D " left " style = 3 D " display: inline block; outline:=
none ; text - decoration : none ; - ms - interpolation - mode : bicubic ; border : none =
; " /></a><img src=3D " http : //rover.ebay.com/roveropen/0/e11021/7?euid=3Dd9f4=
2 b5e860b4eabb98195c2888cba9e & bu = 3 D43210693952 & exe = 3 D15083 & ext = 3 D38992 & sojTa =
gs = 3 Dexe = 3 Dexe , ext = 3 Dext , bu = 3 Dbu " alt=3D " " style=3D " border : 0 ; height : 1 ; " /><=
/ td >
< / tr >
< / table >
< / td >
< / tr >
< / table > < table id = 3 D " area4Container " width = 3 D " 100% " border = 3 D " 0 " cellpad =
ding = 3 D " 0 " cellspacing = 3 D " 0 " align = 3 D " center " style = 3 D " border-collapse: col=
lapse ! important ; border - spacing : 0 ! important ; border : none ; background - co =
lor : # f9f9f9 " >
< tr >
< td width = 3 D " 100% " valign = 3 D " top " style = 3 D " border-collapse: collapse !impor=
tant ; border - spacing : 0 ! important ; border : none ; " >
< table width = 3 D " 600 " cellspacing = 3 D " 0 " cellpadding = 3 D " 0 " border = 3 D " 0 " bgcol =
or = 3 D " #f9f9f9 " align = 3 D " center " style = 3 D " border-collapse: collapse !importa=
nt ; border - spacing : 0 ! important ; border : none ; " class=3D " device - width " >
< tbody >
< tr >
< td valign = 3 D " top " style = 3 D " border-collapse: collapse !important; border-sp=
acing : 0 ! important ; padding : 0 ; " >
< h1 align = 3 D " left " class = 3 D " mobile-dealmaker-headline " style = 3 D " font-family=
: Helvetica , Arial , sans - serif ; font - weight : 200 ; line - height : 29 px ; color : =
# 333333 ; text - align : left ; font - size : 24 px ; margin : 0 ; " >
Daccordi , Worldwide : < a href = 3 D ' http : //rover.ebay.com/rover/0/e11021.m3197.=
l1150 / 7 ? euid = 3 Dd9f42b5e860b4eabb98195c2888cba9e & bu = 3 D43210693952 & loc = 3 Dhttp =
% 3 A % 2F % 2F www . ebay . com . au % 2F sch % 2F Cycling - % 2F 7294 % 2F i . html % 3F LH_PrefLoc % 3 D2 % =
26 _sop % 3 D10 % 26 _fln % 3 D1 % 26 _nkw % 3 DDaccordi % 26 _trksid % 3 Dm194 % 26 ssPageName % 3 DST =
RK % 253 AMEFSRCHX % 253 ASRCH & exe = 3 D15083 & ext = 3 D38992 & sojTags = 3 Dexe = 3 Dexe , ext = 3 D =
ext , bu = 3 Dbu ' style = 3 D ' text - decoration : none ' > 2 new < / a > matches today
< / h1 >
< / td >
< / tr >
< / tbody >
< / table >
< / td >
< / tr >
< / table > < table width = 3 D " 100% " border = 3 D " 0 " cellpadding = 3 D " 0 " cellspacing =
= 3 D " 0 " align = 3 D " center " style = 3 D " border-collapse: collapse !important; bord=
er - spacing : 0 ! important ; border : none ; " >
< tr >
< td width = 3 D " 100% " valign = 3 D " top " bgcolor = 3 D " #f9f9f9 " style = 3 D " border-colla=
pse : collapse ! important ; border - spacing : 0 ! important ; border : none ; " >
< table width = 3 D " 600 " border = 3 D " 0 " align = 3 D " center " cellspacing = 3 D " 0 " cellpa =
dding = 3 D " 0 " style = 3 D " border-collapse: collapse !important; border-spacing: =
0 ! important ; border : none ; " class=3D " device - width " >
< tbody >
< tr >
< td valign = 3 D " top " style = 3 D " border-collapse: collapse !important; border-sp=
acing : 0 ! important ; border : none ; padding : 0 ; margin : 0 ; " >
< div align = 3 D " left " border = 3 D " 0 " cellspacing = 3 D " 0 " cellpadding = 3 D " 0 " width =
= 3 D " 146 " style = 3 D " border-collapse: separate !important; border-spacing: 0 !=
important ; border : none ; float : left ; display : inline ; " >
< table width = 3 D " 146 " border = 3 D " 0 " align = 3 D " left " cellspacing = 3 D " 0 " cellpadd =
ing = 3 D " 0 " style = 3 D " border-collapse: collapse !important; border-spacing: 0 =
! important ; border : none ; color : # 333333 " >
< tr >
< td class = 3 D " mobile-multi-item-left-image " valign = 3 D " top " style = 3 D " border-c=
ollapse : collapse ! important ; border - spacing : 0 ! important ; padding : 12 px 1 =
2 px 12 px 0 ; border : none ; " >
< table width = 3 D " 100% " border = 3 D " 0 " cellspacing = 3 D " 0 " cellpadding = 3 D " 0 " styl =
e = 3 D " border-collapse: collapse !important; border-spacing: 0 !important; bo=
rder : none ; " >
< tr >
< td style = 3 D " border-collapse: collapse !important; border-spacing: 0 !impor=
tant ; border : none ; padding : 0 ; margin : 0 ; " >
< table width = 3 D " 132 " height = 3 D " 132 " cellspacing = 3 D " 0 " cellpadding = 3 D " 0 " sty =
le = 3 D " border-collapse: collapse !important; border-spacing: 0 !important; p=
adding : 0 ; border : none ; " >
< tbody >
< tr >
< td width = 3 D " 132 " valign = 3 D " center " height = 3 D " 132 " align = 3 D " center " style =
= 3 D " max-width: 132px; border: 1px solid #dddddd; " >
< a href = 3 D " http://rover.ebay.com/rover/0/e11021.m43.l1120/7?euid=3Dd9f42b5e=
860 b4eabb98195c2888cba9e & bu = 3 D43210693952 & loc = 3 Dhttp % 3 A % 2F % 2F www . ebay . com . a =
u % 2F ulk % 2F itm % 2F 391655221238 & exe = 3 D15083 & ext = 3 D38992 & sojTags = 3 Dexe = 3 Dexe , ex =
t = 3 Dext , bu = 3 Dbu " >
< span style = 3 D " display: block; outline: none; text-decoration: none; -ms-in=
terpolation - mode : bicubic ; border - radius : 3 px ; margin : 0 ; " >
< img border = 3 D " 0 " src = 3 D " http://i.ebayimg.com/images/g/dxcAAOSwJ7RYVbhB/s-b=
132 x132 . jpg " style=3D " max - width : 100 % ; display : block ; outline : none ; text - d =
ecoration : none ; - ms - interpolation - mode : bicubic ; margin : 0 ; border : none ; " =
/ >
< / span >
< / a >
< / td >
< / tr >
< / tbody >
< / table >
< / td >
< / tr >
< tr >
< td valign = 3 D " top " style = 3 D " max-width: 132px; border-collapse: collapse !im=
portant ; border - spacing : 0 ! important ; padding : 12 px 0 0 ; border : none ; " >
< h3 align = 3 D " left " style = 3 D " font-family: Helvetica, Arial, sans-serif; font=
- weight : normal ; line - height : normal ; color : # 333333 ; text - align : left ; fon =
t - size : 12 px ; margin : 0 0 10 px ; word - break : break - all ; height : 31 px ; " >
< a style = 3 D " text-decoration: none; color: #0654ba; " href = 3 D " http://rover.eb=
ay . com / rover / 0 / e11021 . m43 . l3160 / 7 ? euid = 3 Dd9f42b5e860b4eabb98195c2888cba9e & b =
u = 3 D43210693952 & loc = 3 Dhttp % 3 A % 2F % 2F www . ebay . com . au % 2F ulk % 2F itm % 2F 3916552212 =
38 & exe = 3 D15083 & ext = 3 D38992 & sojTags = 3 Dexe = 3 Dexe , ext = 3 Dext , bu = 3 Dbu " >
Daccordi 50 th anniversary edition with . . .
< / a >
< / h3 >
< / td >
< / tr >
< tr >
< td align = 3 D " left " style = 3 D " border-collapse: collapse !important; border-sp=
acing : 0 ! important ; font - family : Helvetica , Arial , sans - serif ; text - align : =
left ; font - size : 12 px ; font - weight : bold ; border : none ; padding - bottom : 8 p =
x ; " >
Buy it now : US $ 5 , 950.00
< / td >
< / tr >
< tr >
< td align = 3 D " left " style = 3 D " border-collapse: collapse !important; border-sp=
acing : 0 ! important ; font - family : Helvetica , Arial , sans - serif ; text - align : =
left ; font - size : 12 px ; color : # E53238 ; font - weight : normal ; border : none ; =
padding : 0 ; margin : 0 ; " >
100 % positive feedback
< / td >
< / tr >
< / table >
< / td >
< / tr >
< / table >
< table width = 3 D " 146 " border = 3 D " 0 " align = 3 D " left " cellspacing = 3 D " 0 " cellpadd =
ing = 3 D " 0 " style = 3 D " border-collapse: collapse !important; border-spacing: 0 =
! important ; border : none ; color : # 333333 " >
< tr >
< td class = 3 D " mobile-multi-item-right-image " valign = 3 D " top " style = 3 D " border-=
collapse : collapse ! important ; border - spacing : 0 ! important ; padding : 12 px =
12 px 12 px 0 ; border : none ; " >
< table width = 3 D " 100% " border = 3 D " 0 " cellspacing = 3 D " 0 " cellpadding = 3 D " 0 " styl =
e = 3 D " border-collapse: collapse !important; border-spacing: 0 !important; bo=
rder : none ; " >
< tr >
< td style = 3 D " border-collapse: collapse !important; border-spacing: 0 !impor=
tant ; border : none ; padding : 0 ; margin : 0 ; " >
< table width = 3 D " 132 " height = 3 D " 132 " cellspacing = 3 D " 0 " cellpadding = 3 D " 0 " sty =
le = 3 D " border-collapse: collapse !important; border-spacing: 0 !important; p=
adding : 0 ; border : none ; " >
< tbody >
< tr >
< td width = 3 D " 132 " valign = 3 D " center " height = 3 D " 132 " align = 3 D " center " style =
= 3 D " max-width: 132px; border: 1px solid #dddddd; " >
< a href = 3 D " http://rover.ebay.com/rover/0/e11021.m43.l1120/7?euid=3Dd9f42b5e=
860 b4eabb98195c2888cba9e & bu = 3 D43210693952 & loc = 3 Dhttp % 3 A % 2F % 2F www . ebay . com . a =
u % 2F ulk % 2F itm % 2F 132037720927 & exe = 3 D15083 & ext = 3 D38992 & sojTags = 3 Dexe = 3 Dexe , ex =
t = 3 Dext , bu = 3 Dbu " >
< span style = 3 D " display: block; outline: none; text-decoration: none; -ms-in=
terpolation - mode : bicubic ; border - radius : 3 px ; margin : 0 ; " >
< img border = 3 D " 0 " src = 3 D " http://i.ebayimg.com/images/g/C3cAAOSwj85YOiHQ/s-b=
132 x132 . jpg " style=3D " max - width : 100 % ; display : block ; outline : none ; text - d =
ecoration : none ; - ms - interpolation - mode : bicubic ; margin : 0 ; border : none ; " =
/ >
< / span >
< / a >
< / td >
< / tr >
< / tbody >
< / table >
< / td >
< / tr >
< tr >
< td valign = 3 D " top " style = 3 D " max-width: 132px; border-collapse: collapse !im=
portant ; border - spacing : 0 ! important ; padding : 12 px 0 0 ; border : none ; " >
< h3 align = 3 D " left " style = 3 D " font-family: Helvetica, Arial, sans-serif; font=
- weight : normal ; line - height : normal ; color : # 333333 ; text - align : left ; fon =
t - size : 12 px ; margin : 0 0 10 px ; word - break : break - all ; height : 31 px ; " >
< a style = 3 D " text-decoration: none; color: #0654ba; " href = 3 D " http://rover.eb=
ay . com / rover / 0 / e11021 . m43 . l3160 / 7 ? euid = 3 Dd9f42b5e860b4eabb98195c2888cba9e & b =
u = 3 D43210693952 & loc = 3 Dhttp % 3 A % 2F % 2F www . ebay . com . au % 2F ulk % 2F itm % 2F 1320377209 =
27 & exe = 3 D15083 & ext = 3 D38992 & sojTags = 3 Dexe = 3 Dexe , ext = 3 Dext , bu = 3 Dbu " >
Daccordi Griffe Campagnolo Croce D ' Aune . . .
< / a >
< / h3 >
< / td >
< / tr >
< tr >
< td align = 3 D " left " style = 3 D " border-collapse: collapse !important; border-sp=
acing : 0 ! important ; font - family : Helvetica , Arial , sans - serif ; text - align : =
left ; font - size : 12 px ; font - weight : bold ; border : none ; padding - bottom : 8 p =
x ; " >
Buy it now : US $ 1 , 750.00
< / td >
< / tr >
< tr >
< td align = 3 D " left " style = 3 D " border-collapse: collapse !important; border-sp=
acing : 0 ! important ; font - family : Helvetica , Arial , sans - serif ; text - align : =
left ; font - size : 12 px ; color : # E53238 ; font - weight : normal ; border : none ; =
padding : 0 ; margin : 0 ; " >
100 % positive feedback
< / td >
< / tr >
< / table >
< / td >
< / tr >
< / table >
< / div >
< / td >
< / tr >
< / tbody >
< / table >
< / td >
< / tr >
< / table > < table id = 3 D " area5Container " width = 3 D " 100% " border = 3 D " 0 " cellpaddi =
ng = 3 D " 0 " cellspacing = 3 D " 0 " align = 3 D " center " style = 3 D " border-collapse: colla=
pse ! important ; border - spacing : 0 ! important ; border : none ; background - colo =
r : # f9f9f9 " >
< tr >
< td >
< table width = 3 D " 600 " class = 3 D " device-width " border = 3 D " 0 " cellpadding = 3 D " 0 " =
cellspacing = 3 D " 0 " align = 3 D " center " bgcolor = 3 D " #f9f9f9 " style = 3 D " border-coll=
apse : collapse ! important ; border - spacing : 0 ! important ; border : none ; " >
< tr >
< td valign = 3 D " top " class = 3 D " cta-block-2 " style = 3 D " border-collapse: collapse=
! important ; border - spacing : 0 ! important ; border : none ; " >
< table align = 3 D " left " cellpadding = 3 D " 0 " cellspacing = 3 D " 0 " border = 3 D " 0 " styl =
e = 3 D " border-collapse: collapse !important; border-spacing: 0 !important; bo=
rder : none ; padding : 10 px 0 " >
< tr > < td >
< table align = 3 D " left " cellpadding = 3 D " 0 " cellspacing = 3 D " 0 " border = 3 D " 0 " clas =
s = 3 D " mobile-full-width " style = 3 D " max-width: 320px; border-collapse: collaps=
e ! important ; border - spacing : 0 ! important ; " >
< tr >
< td width = 3 D " 292 " valign = 3 D " top " class = 3 D " center mobile-dealmaker-CTA1 " ali =
gn = 3 D " center " bgcolor = 3 D " #0654BA " style = 3 D " min-width: 290px;border-collapse=
: collapse ! important ; border - spacing : 0 ! important ; font - size : 16 px ; line - =
height : normal ; background - color : 0654 BA ; padding : 11 px 17 px ; " >
< a href = 3 D " http://rover.ebay.com/rover/0/e11021.m4442.l1150/7?euid=3Dd9f42b=
5e860 b4eabb98195c2888cba9e & bu = 3 D43210693952 & loc = 3 Dhttp % 3 A % 2F % 2F www . ebay . com =
. au % 2F sch % 2F Cycling - % 2F 7294 % 2F i . html % 3F LH_PrefLoc % 3 D2 % 26 _sop % 3 D10 % 26 _fln % 3 D =
1 % 26 _nkw % 3 DDaccordi % 26 _trksid % 3 Dm194 % 26 ssPageName % 3 DSTRK % 253 AMEFSRCHX % 253 AS =
RCH & exe = 3 D15083 & ext = 3 D38992 & sojTags = 3 Dexe = 3 Dexe , ext = 3 Dext , bu = 3 Dbu " style=3D=
" text-decoration: none; color: #ffffff; font-size: 16px; line-height: 18px;=
font - weight : 200 ; font - family : Helvetica , Arial , sans - serif ; padding : 11 px =
17 px ; " > View all results</a>
< / td >
< / tr >
< / table >
< / td >
< td style = 3 D " border-collapse: collapse !important;
border - spacing : 0 ; ! important ; padding : 0 " ><img class=3D " collapse " src=3D " h =
ttp : //p.ebaystatic.com/aw/email/Welcome_Day_0/spacer.gif" width=3D"5" heigh=
t = 3 D " 1 " alt = 3 D " " border = 3 D " 0 " style = 3 D " display:block; width: 5px !important=
" ></td>
< / tr >
< ! [ if ! gte mso 9 ] >
< tr >
< td style = 3 D " border-collapse: collapse !important;
border - spacing : 0 ; ! important ; padding : 0 " ><img src=3D " http : //p.ebaystatic.=
com / aw / email / Welcome_Day_0 / spacer . gif " width=3D " 1 " height=3D " 5 " alt=3D " " bo=
rder = 3 D " 0 " style = 3 D " display:block; height: 5px !important " > < / td >
< / tr >
< ! [ endif ] - - >
< / table >
< table align = 3 D " left " cellpadding = 3 D " 0 " cellspacing = 3 D " 0 " border = 3 D " 0 " styl =
e = 3 D " border-collapse: collapse !important; border-spacing: 0 !important; bo=
rder : none ; padding : 10 px 0 " >
< tr > < td >
< table align = 3 D " left " cellpadding = 3 D " 0 " cellspacing = 3 D " 0 " border = 3 D " 0 " clas =
s = 3 D " mobile-full-width " style = 3 D " max-width: 320px; border-collapse: collaps=
e ! important ; border - spacing : 0 ! important ; border : 1 px solid # dddddd ; borde =
r - radius : 3 px ; " >
< tr >
< td width = 3 D " 290 " valign = 3 D " top " class = 3 D " center mobile-dealmaker-CTA1 " ali =
gn = 3 D " center " bgcolor = 3 D " #ffffff " style = 3 D " min-width: 290px; border-collaps=
e : collapse ! important ; border - spacing : 0 ! important ; font - size : 16 px ; line =
- height : normal ; background - color : ffffff ; padding : 10 px 17 px ; " >
< a href = 3 D " http://rover.ebay.com/rover/0/e11021.m4442.l1179/7?euid=3Dd9f42b=
5e860 b4eabb98195c2888cba9e & bu = 3 D43210693952 & loc = 3 Dhttp % 3 A % 2F % 2F www . ebay . com =
. au % 2F sch % 2F Cycling - % 2F 7294 % 2F i . html % 3F LH_PrefLoc % 3 D2 % 26 _sop % 3 D10 % 26 _fln % 3 D =
1 % 26 _nkw % 3 DDaccordi % 26 _trksid % 3 Dm194 % 26 ssPageName % 3 DSTRK % 253 AMEFSRCHX % 253 AS =
RCH % 26 replaceid % 3 D19105329025 & exe = 3 D15083 & ext = 3 D38992 & sojTags = 3 Dexe = 3 Dexe , e =
xt = 3 Dext , bu = 3 Dbu " style=3D " text - decoration : none ; color : # 0654 BA ; font - size =
: 16 px ; line - height : 18 px ; font - weight : 200 ; font - family : Helvetica , Arial , =
sans - serif ; padding : 10 px 17 px ; " >Refine this search</a>
< / td >
< / tr >
< / table >
< / td >
< td style = 3 D " border-collapse: collapse !important;
border - spacing : 0 ; ! important ; padding : 0 " ><img class=3D " collapse " src=3D " h =
ttp : //p.ebaystatic.com/aw/email/Welcome_Day_0/spacer.gif" width=3D"5" heigh=
t = 3 D " 1 " alt = 3 D " " border = 3 D " 0 " style = 3 D " display:block; width: 5px !important=
" ></td>
< / tr >
< ! [ if ! gte mso 9 ] >
< tr >
< td style = 3 D " border-collapse: collapse !important;
border - spacing : 0 ; ! important ; padding : 0 " ><img src=3D " http : //p.ebaystatic.=
com / aw / email / Welcome_Day_0 / spacer . gif " width=3D " 1 " height=3D " 5 " alt=3D " " bo=
rder = 3 D " 0 " style = 3 D " display:block; height: 5px !important " > < / td >
< / tr >
< ! [ endif ] - - >
< / table >
< / td >
< / tr >
< tr >
< td valign = 3 D " top " class = 3 D " cta-block-3 " style = 3 D " border-collapse: collapse=
! important ; border - spacing : 0 ! important ; padding : 0 0 8 px 0 px ; border : no =
ne ; " >
< table width = 3 D " 100% " align = 3 D " left " cellpadding = 3 D " 0 " cellspacing = 3 D " 0 " bo =
rder = 3 D " 0 " style = 3 D " border-collapse: collapse !important; border-spacing: 0=
! important ; border : none ; " >
< tr >
< td width = 3 D " 100% " valign = 3 D " top " class = 3 D " center " align = 3 D " center " style =
= 3 D " border-collapse: collapse !important; border-spacing: 0 !important; fon=
t - size : 14 px ; line - height : normal ; padding : 0 px 17 px ; " >
< a href = 3 D " http://rover.ebay.com/rover/0/e11021.m4442.l1142/7?euid=3Dd9f42b=
5e860 b4eabb98195c2888cba9e & bu = 3 D43210693952 & loc = 3 Dhttp % 3 A % 2F % 2F contact . ebay =
. com . au % 2F ws % 2F eBayISAPI . dll % 3F UnsubscribeEmailFavoriteSearch % 26 % 26 query % 3 D =
3139313035333239303235 - 0 db6b1b2ceaf88ebfc5edb9514cc5a36 & exe = 3 D15083 & ext = 3 D3 =
8992 & sojTags = 3 Dexe = 3 Dexe , ext = 3 Dext , bu = 3 Dbu " style=3D " text - decoration : none ; =
color : # 0654 BA ; font - size : 14 px ; line - height : 18 px ; font - weight : normal ; f =
ont - family : Helvetica , Arial , sans - serif ; " > Disable emails for this search<=
/ a >
< / td >
< / tr >
< / table >
< / td >
< / tr >
< / table >
< / td >
< / tr >
< / table > < table id = 3 D " area8Container " width = 3 D " 100% " border = 3 D " 0 " cellpaddi =
ng = 3 D " 0 " cellspacing = 3 D " 0 " align = 3 D " center " style = 3 D " border-collapse: colla=
pse ! important ; border - spacing : 0 ! important ; border : none ; border - top : sol =
id 1 px # dddddd ; background - color : # ffffff " ><tr><td style=3D " font - size : 0 px ; =
line - height : 0 px " height=3D " 1 " > </td></tr></table> <table id=3D " area11C =
ontainer " class=3D " whiteSection " width=3D " 100 % " border=3D " 0 " cellpadding=3D=
" 0 " cellspacing = 3 D " 0 " align = 3 D " center " style = 3 D " border-collapse: collapse !=
important ; border - spacing : 0 ! important ; border : none ; background - color : # f =
fffff " >
< tr >
< td width = 3 D " 100% " valign = 3 D " top " style = 3 D " border-collapse: collapse !impor=
tant ; border - spacing : 0 ! important ; border : none ; " >
< table width = 3 D " 600 " class = 3 D " device-width " border = 3 D " 0 " cellpadding = 3 D " 0 " =
cellspacing = 3 D " 0 " align = 3 D " center " style = 3 D " border-collapse: collapse !impo=
rtant ; border - spacing : 0 ! important ; border : none ; " >
< tr >
< td class = 3 D " ebay-footer-block " style = 3 D " border-collapse: collapse !importa=
nt ; border - spacing : 0 ! important ; padding : 20 px 0 60 px ; border : none ; " >
< div id = 3 D " ReferenceId " >
< p style = 3 D " font-family: Helvetica, Arial, sans-serif; font-weight: normal;=
line - height : normal ; color : # 888888 ; text - align : left ; font - size : 11 px ; ma =
rgin : 0 0 10 px ; " align=3D " left " ><strong>
Email reference id : [ # d9f42b5e860b4eabb98195c2888cba9e # ]
< / strong > < / p > < / div >
< p style = 3 D " font-family: Helvetica, Arial, sans-serif; font-weight: normal;=
line - height : normal ; color : # 888888 ; text - align : left ; font - size : 11 px ; ma =
rgin : 0 0 10 px ; " align=3D " left " >
We don ' t check this mailbox , so please don ' t reply to this message . If you =
have a question , go to < a style = 3 D " text-decoration: none; color: #555555; " =
href = 3 D " http://rover.ebay.com/rover/0/e11021.m1852.l6369/7?euid=3Dd9f42b5e8=
60 b4eabb98195c2888cba9e & bu = 3 D43210693952 & loc = 3 Dhttp % 3 A % 2F % 2F ocsnext . ebay . co =
m . au % 2F ocs % 2F home & exe = 3 D15083 & ext = 3 D38992 & sojTags = 3 Dexe = 3 Dexe , ext = 3 Dext , bu =
= 3 Dbu " target=3D " _blank " >Help & Contact</a>.
< / p >
< p style = 3 D " font-family: Helvetica, Arial, sans-serif; font-weight: normal;=
line - height : normal ; color : # 888888 ; text - align : left ; font - size : 11 px ; ma =
rgin : 0 0 10 px ; " align=3D " left " >
& copy ; 2016 eBay Inc . , eBay International AG Helvetiastrasse 15 / 17 - P . O . Bo =
x 133 , 3000 Bern 6 , Switzerland
< / p >
< / td >
< / tr >
< / table >
< / td >
< / tr >
< / table > < / div >
< / center > < / body >
< / html >
" " " ;
2018-01-29 09:57:24 +10:30
public static string HTML_BODY2_EXPECTED = " Buy It Now from US $1,750.00 to US $5,950.00. eBay Daccordi, Worldwide: 2 new matches today Daccordi 50th anniversary edition with... Buy it now: US $5,950.00 100% positive feedback Daccordi Griffe Campagnolo Croce D'Aune... Buy it now: US $1,750.00 100% positive feedback View all results Refine this search Disable emails for this search Email reference id: [#d9f42b5e860b4eabb98195c2888cba9e#] We don't check this mailbox, so please don't reply to this message. If you have a question, go to Help & Contact. ©2016 eBay Inc., eBay International AG Helvetiastrasse 15/17 - P.O. Box 133, 3000 Bern 6, Switzerland " ;
Fix HTML, CSS and JS leaking into conversation list preview. Bug 714317
When generating the preview, only the first 128 bytes of the first MIME
part is fetched and used. If this part is text/html with a significant
amount of embedded CSS, then there is a good chance the string passed to
Geary.HTML::remove_html_tags() will be invalid, or be missing closing
elements. Since that function uses regexes that require balanced tags to
remove script and style blocks, then it was very possible that in these
cases this method will miss removing these blocks.
To solve this, remove_html_tags() is removed and its call sites are
replaced by calls to Geary.HTML::html_to_text(), which has been tidyied
up to produce more human-readable result.
Add unit tests to cover new html_to_text functionality and its call
sites.
* src/engine/util/util-html.vala: Remove remove_html_tags(). Update
html_to_text() to not just insert line breaks, but also insert spaces
and alt text, and ignore tags like HEAD, SCRIPT and STYLE, as
appropriate. Add an optional param to also allow skipping BLOCKQUOTE
elements, which we don't want in the preview.
2016-12-18 23:28:53 +11:00
}
