6.0.0-beta1
▾
Tasks
New Task
Search
Photos
Wiki
▾
Tickets
New Ticket
Search
dev.horde.org
Toggle Alerts Log
Help
10/20/25
H
istory
A
ttachments
C
omment
W
atch
Download
Comment on [#8094] phishing warning
*
Your Email Address
*
Spam protection
Enter the letters below:
.___.\ /.___. ..__ | >< [__ | |[__) | / \[___|/\|| \
Comment
> In fact, the url is over two lines: Don't know how to patch it, and > even it that make sense. Firefox is interpreting as a > > > > . S�minaires du mois de mars de l'UMR 891 INSERM - Centre de Recherche > > en Canc�rologie : www.univmed.fr/communication/ > > ?id=45418&file=SEMINAIRES_MARS_09.doc > > <http://www.univmed.fr/communication/?id=45418&file=SEMINAIRES_MARS_09.doc> > > > > What has been rendered to firefox is: > > > > <td bgcolor="#ffffff" height="50"> > > <div align="justify"><span class="uni1">•</span> <span > > class="uni2">Séminaires </span><span class="uni1">du mois de mars de > > l'UMR 891 INSERM - Centre de Recherche en Cancérologie : <a > target="_blank" > > class="mimeStatusWarning" > href="http://www.univmed.fr/communication/?id=45418&file=SEMINAIRES_MARS_09.doc">www.univmed.fr/communication/<br> > > > > ?id=45418&file=SEMINAIRES_MARS_09.doc</a></span><br> > > </div> > > </td> > > </tr> > > > > > > > > > >>> Hello, > >>> > >>> Our communication departement email are seen with phishing warning. > >>> So I added some traces in ./lib/Horde/MIME/Viewer/html.php around > >>> line 117 > >>> > >>> preg_match('/\.?([^\.\/]+\.[^\.\/]+)[\/?]/', > >>> $link, $host1); > >>> preg_match('/\.?([^\.\/]+\.[^\.\/ ]+)([\/ > >>> ].*)?$/', $target, $host2); > >>> if (!(count($host1) && count($host2)) || > >>> strcasecmp($host1[1], $host2[1]) !== 0) { > >>> Horde::logMessage("tracedom2 l:$link t:$target ".$host1[1]." > >>> ".$host2[1], __FILE__, __LINE__, PEAR_LOG_ERR); > >>> $data = > >>> preg_replace('/href\s*=\s*["\']?\s*(?:http|https|ftp):\/\/' . > >>> preg_quote($m[1][$i], '/') . > >>> '["\']?[^>]*>\s*(?:(?:http|https|ftp):\/\/)?' . preg_quote($m[2][$i], > >>> '/') . '<\/a/is', 'class="mimeStatusWarning" $0', $data); > >>> $phish_warn = true; > >>> } > >>> > >>> it produces that: > >>> tracedom2 > >>> l:www.univmed.fr/communication/?id=45418&file=seminaires_mars_09.doc > >>> t:www.univmed.fr/communication/^M > >>> ?id=45418&file=seminaires_mars_09.doc univmed.fr ^M > >>> ?id=45418&file=seminaires_mars_09.doc [pid 30835 on line 120 of > >>> "/var/www/perso/horde-webmail-1.2.2/lib/Horde/MIME/Viewer/html.php"] > >>> > >>> which means: > >>> link and target are equal (may be should we test for equality first, > >>> could be faster than regexp..) and after there is a confusion for the > >>> value of host2. Debugging the regular expression is not easy. I have > >>> no patch to put. Prefer leave Mickael have a look.. > >>> > >>> I'm quite sure that /?id= is confusing the regexp > >>> > >>> Dom > >>> > >>> > >>> > >> > >> I've added the mail in attachment > >> > >
Attachment
Watch this ticket
N
ew Ticket
M
y Tickets
S
earch
Q
uery Builder
R
eports
Saved Queries
Open Bugs
Bugs waiting for Feedback
Open Bugs in Releases
Open Enhancements
Enhancements waiting for Feedback
Bugs with Patches
Enhancements with Patches
Release Showstoppers
Stalled Tickets
New Tickets
Horde 5 Showstoppers