banananetwork
/
roundcubemail
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

- Fix login page loading into an iframe when session expires (#1485952)

Browse Source
release-0.6
alecpl 15 years ago
parent ab46578d98
commit ccc80d1ca8
2 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File

1
CHANGELOG
Unescape Escape View File

@ -1,6 +1,7 @@
CHANGELOG RoundCube Webmail CHANGELOG RoundCube Webmail
=========================== ===========================
- Fix login page loading into an iframe when session expires (#1485952)
- added option 'force_https_port' in 'force_https' plugin (#1486091) - added option 'force_https_port' in 'force_https' plugin (#1486091)
- Option 'force_https' replaced by 'force_https' plugin - Option 'force_https' replaced by 'force_https' plugin
- Fix IE issue with non-UTF-8 characters in AJAX response (#1486159) - Fix IE issue with non-UTF-8 characters in AJAX response (#1486159)

6
index.php
Unescape Escape View File

@ -142,7 +142,7 @@ $request_check_whitelist = array('login'=>1, 'spell'=>1);
// check client X-header to verify request origin // check client X-header to verify request origin
if ($OUTPUT->ajax_call) { if ($OUTPUT->ajax_call) {
if (!$RCMAIL->config->get('devel_mode') && rc_request_header('X-RoundCube-Request') != $RCMAIL->get_request_token()) { if (!$RCMAIL->config->get('devel_mode') && rc_request_header('X-RoundCube-Request') != $RCMAIL->get_request_token() && !empty($RCMAIL->user->ID)) {
header('HTTP/1.1 404 Not Found'); header('HTTP/1.1 404 Not Found');
die("Invalid Request"); die("Invalid Request");
} }
@ -155,10 +155,12 @@ else if (!empty($_POST) && !$request_check_whitelist[$RCMAIL->action] && !$RCMAI
// not logged in -> show login page // not logged in -> show login page
if (empty($RCMAIL->user->ID)) { if (empty($RCMAIL->user->ID)) {
if ($OUTPUT->ajax_call) if ($OUTPUT->ajax_call)
$OUTPUT->redirect(array(), 2000); $OUTPUT->redirect(array(), 2000);
if (!empty($_REQUEST['_framed']))
$OUTPUT->command('redirect', $OUTPUT->app->url());
// check if installer is still active // check if installer is still active
if ($RCMAIL->config->get('enable_installer') && is_readable('./installer/index.php')) { if ($RCMAIL->config->get('enable_installer') && is_readable('./installer/index.php')) {
$OUTPUT->add_footer(html::div(array('style' => "background:#ef9398; border:2px solid #dc5757; padding:0.5em; margin:2em auto; width:50em"), $OUTPUT->add_footer(html::div(array('style' => "background:#ef9398; border:2px solid #dc5757; padding:0.5em; margin:2em auto; width:50em"),

Write Preview
Loading…
Cancel
Save