Package: sanitizer Version: 1.76-3 If a <style> block politely contains <!-- and --> comment markers to hide the style sheet on old browsers the sanitizer code to hide the style sheet for impolite mail generators breaks the message.
It leaves the opening style tag incomplete in the form "<style_01 " with the comment marker following after. This patch adds a trailing '>' to the style tag to close it so the produced HTML isn't severely broken in this case. Robert de Bath --- HTMLCleaner.pm 2012-04-29 10:08:09.000000000 +0100 +++ /usr/share/perl5/Anomy/HTMLCleaner.pm 2012-04-29 10:09:47.000000000 +0100 @@ -791,7 +791,7 @@ my $data = shift; my $cnt = $self->{style_index}++; $self->{styles}->[$cnt] = $data; - return "<style_$cnt "; + return "<style_$cnt> "; } # This routine sanitizes a snippet of HTML. @@ -827,8 +827,8 @@ { $self->{"style_count"} += ($$data_ptr =~ s/<(style[^<>]*)>/ $self->record_style($1) /geis); } - $self->{"style_count"} -= ($$data_ptr =~ s/<style_(\d+)( [^<>]+)(<\/style>)/<$self->{styles}->[$1]$2>$3/gis); - $self->{"style_count"} -= ($$data_ptr =~ s/<style_(\d+) ([^<>]+)</<$self->{styles}->[$1]>$2</gis); + $self->{"style_count"} -= ($$data_ptr =~ s/<style_(\d+)>( [^<>]+)(<\/style>)/<$self->{styles}->[$1]$2>$3/gis); + $self->{"style_count"} -= ($$data_ptr =~ s/<style_(\d+)> ([^<>]+)</<$self->{styles}->[$1]>$2</gis); # Check for trailing tags... if ($$data_ptr =~ s/(<(?:!--\s+)?[A-Za-z]+[^>]+)$//s) @@ -838,7 +838,7 @@ { if (($self->{"style_count"} > 0) && # Fix this long evil tag we artificially spawned above... - (my $n = ($leftovers =~ s/<style_(\d+) ([^>]*)$/<$self->{styles}->[$1]>$2/is))) + (my $n = ($leftovers =~ s/<style_(\d+)> ([^>]*)$/<$self->{styles}->[$1]>$2/is))) { $self->{"style_count"} -= $n; }