You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by Henrik K <he...@hege.li> on 2019/05/07 05:12:24 UTC

Re: svn commit: r1858824 - /spamassassin/trunk/rules/20_html_tests.cf

Should we not fix the blatantly bad __OBFUSCATING_COMMENT_A (and B) too? :-)

On Mon, May 06, 2019 at 08:17:25PM -0000, kb@apache.org wrote:
> Author: kb
> Date: Mon May  6 20:17:25 2019
> New Revision: 1858824
> 
> URL: http://svn.apache.org/viewvc?rev=1858824&view=rev
> Log:
> HIDE_WIN_STATUS -- Limit the substring matches inside HTML tags to 1000 chars
> each.  Using unlimited quantifiers may take exceedingly long for the edge case
> of huge text blobs containing quiet a couple "<" chars.
> 
> 
> Modified:
>     spamassassin/trunk/rules/20_html_tests.cf
> 
> Modified: spamassassin/trunk/rules/20_html_tests.cf
> URL: http://svn.apache.org/viewvc/spamassassin/trunk/rules/20_html_tests.cf?rev=1858824&r1=1858823&r2=1858824&view=diff
> ==============================================================================
> --- spamassassin/trunk/rules/20_html_tests.cf (original)
> +++ spamassassin/trunk/rules/20_html_tests.cf Mon May  6 20:17:25 2019
> @@ -56,7 +56,7 @@ describe HTML_MISSING_CTYPE	Message is H
>  ###########################################################################
>  # rawbody HTML tests
>  
> -rawbody HIDE_WIN_STATUS		/<[^>]+onMouseOver=[^>]+window\.status=/i
> +rawbody HIDE_WIN_STATUS		/<[^>]{1,1000}onMouseOver=[^>]{1,1000}window\.status=/i
>  describe HIDE_WIN_STATUS	Javascript to hide URLs in browser
>  
>  rawbody __OBFUSCATING_COMMENT_A	/\w(?:<![^>]*>)+\w/
>