File: Fix-regression-where-printing-scaling-rotating-image-atta.patch

package info (click to toggle)
roundcube 1.6.5%2Bdfsg-1%2Bdeb12u5
  • links: PTS, VCS
  • area: main
  • in suites: bookworm
  • size: 45,000 kB
  • sloc: javascript: 204,325; php: 75,933; sql: 3,150; sh: 2,878; pascal: 1,079; makefile: 229; xml: 93; perl: 73; ansic: 48; python: 21
file content (71 lines) | stat: -rw-r--r-- 3,094 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
 
From: Aleksander Machniak <alec@alec.pl>
Date: Thu, 8 Aug 2024 13:54:32 +0200
Subject: Fix regression where printing/scaling/rotating image attachments was
 broken

Origin: https://github.com/roundcube/roundcubemail/commit/32fed15346e5b842042e5dd1001d6878225c5367
Bug: https://github.com/roundcube/roundcubemail/issues/9571
Bug-Debian: https://bugs.debian.org/1078456
---
 program/js/app.js                      | 19 +++++++------------
 program/lib/Roundcube/rcube_output.php |  3 ++-
 2 files changed, 9 insertions(+), 13 deletions(-)

diff --git a/program/js/app.js b/program/js/app.js
index 68135ee..16dcbb4 100644
--- a/program/js/app.js
+++ b/program/js/app.js
@@ -407,13 +407,11 @@ function rcube_webmail()
               var contents = $(this).contents();
 
               // do not apply styles to an error page (with no image)
-              if (contents.find('img').length)
-                contents.find('head').append(
-                  '<style type="text/css">'
-                  + 'img { max-width:100%; max-height:100%; } ' // scale
-                  + 'body { display:flex; align-items:center; justify-content:center; height:100%; margin:0; }' // align
-                  + '</style>'
-                );
+              if (contents.find('img').length) {
+                contents.find('img').css({ maxWidth: '100%', maxHeight: '100%' });
+                contents.find('body').css({ display: 'flex', alignItems: 'center', justifyContent: 'center', height: '100%', margin: 0 });
+                contents.find('html').css({ height: '100%' });
+              }
             });
         }
         // show printing dialog unless decryption must be done first
@@ -5714,9 +5712,7 @@ function rcube_webmail()
   this.apply_image_style = function()
   {
     var style = [],
-      head = $(this.gui_objects.messagepartframe).contents().find('head');
-
-    $('#image-style', head).remove();
+      img = $(this.gui_objects.messagepartframe).contents().find('img');
 
     $.each({scale: '', rotate: 'deg'}, function(i, v) {
       var val = ref.image_style[i];
@@ -5724,8 +5720,7 @@ function rcube_webmail()
         style.push(i + '(' + val + v + ')');
     });
 
-    if (style)
-      head.append($('<style id="image-style">').text('img { transform: ' + style.join(' ') + '}'));
+    img.css('transform', style.join(' '));
   };
 
   // Update import dialog state
diff --git a/program/lib/Roundcube/rcube_output.php b/program/lib/Roundcube/rcube_output.php
index 0a8b664..c2c5c53 100644
--- a/program/lib/Roundcube/rcube_output.php
+++ b/program/lib/Roundcube/rcube_output.php
@@ -286,7 +286,8 @@ abstract class rcube_output
         }
 
         // Use strict security policy to make sure no javascript content is executed
-        header("Content-Security-Policy: default-src 'none'");
+        // img-src is needed to be able to print attachment preview page
+        header("Content-Security-Policy: default-src 'none'; img-src 'self'");
 
         // don't kill the connection if download takes more than 30 sec.
         if (!array_key_exists('time_limit', $params)) {