Commit Graph

2309 Commits (0716d499bc591f43a7eabc19da672bbbee41b976)

Author SHA1 Message Date
Aleksander Machniak 0716d499bc Fix bug where some escape sequences in html styles could bypass security checks 7 years ago
Aleksander Machniak 78e84a5c79 Update changelog 7 years ago
Aleksander Machniak 60922dc3d5 Password: Added password_username_format option (#5766) 7 years ago
Aleksander Machniak b87ecb4fa3 Re-arranged changelog entries 7 years ago
Aleksander Machniak c0b9025215 Remove sample PHP configuration from .htaccess and .user.ini files (#5850)
Moved to https://github.com/roundcube/roundcubemail/wiki/Installation#php-configuration
7 years ago
Aleksander Machniak 63d3ad11fb Use Masterminds/HTML5 parser for HTML5 support (#5761) 7 years ago
Aleksander Machniak f9a5d03e5a Fix bug where new_user_dialog email check could have been circumvented by deleting / abandoning session (#5929) 7 years ago
Aleksander Machniak 2faf7185db Archive: Create archive folder automatically if it's configured, but does not exist (#6076) 7 years ago
Aleksander Machniak ecde98729b Fix skin extending for assets (#5115)
Remove redundant is_file() calls.
7 years ago
Aleksander Machniak 5ce5f9a8bc Use Github API as a fallback to fetch js dependencies to workaround throttling issues (#6248) 7 years ago
Aleksander Machniak 8a6a9e86ae Fix handling of forwarded messages inside of a TNEF message (#5632) 7 years ago
Aleksander Machniak a889f55c31 Fix PHP Warning: Use of undefined constant IDNA_DEFAULT on systems without php-intl (#6244) 7 years ago
Aleksander Machniak 9cd0c6e805 Add 1.3.6 release 7 years ago
Aleksander Machniak 8373b3b3f0 Enigma: Enable keypair generation on Internet Explorer 11 7 years ago
Aleksander Machniak b2bebe531a Fix bug where usernames without domain part could be malformed or converted to lower-case on logon (#6224) 7 years ago
Aleksander Machniak 8e543f843e Fix check_request() bypass in places using get_uids() [CVE-2018-9846] (#6238) 7 years ago
Aleksander Machniak f63150b256 Enigma: Fix key selection for signing
In some cases a public key of other user could be selected instead
of the sender's private key
7 years ago
Aleksander Machniak 8b0540d402 Fix possible IMAP command injection and type juggling vulnerabilities (#6229) 7 years ago
Aleksander Machniak f36e23b778 Fix parsing date strings (e.g. from a Date: mail header) with comments (#6216) 7 years ago
Aleksander Machniak a02fafa542 zipdownload: Added option to define size limit for multiple messages download (#5696)
Default limit set to 50MB.
7 years ago
Aleksander Machniak 2428be488e Allow style tags in HTML editor on composed/reply messages (#5751) 7 years ago
Aleksander Machniak 2cd40707e2 Add last release mark to the changelog 7 years ago
Aleksander Machniak 0f3ad342f7 Fix bug where some unix timestamps were not handled correctly by rcube_utils::anytodatetime() (#6212) 7 years ago
Aleksander Machniak a451ad6599 Fix handling encoding of HTML tags in "inline" JSON output (#6207) 7 years ago
Aleksander Machniak eb91daf00d Added 9pt and 11pt to the list of font sizes in HTML editor 7 years ago
Aleksander Machniak c99f6e4db1 Add note about Elastic in changelog 7 years ago
Aleksander Machniak 26211fa4ac Fix indentation 7 years ago
Aleksander Machniak d07b032bcd Refactor cache code with separate engine-specific classes 7 years ago
Aleksander Machniak 7b1f0f020b Enigma: Multi-host support 7 years ago
Aleksander Machniak 0f1e5b3293 Change wording 7 years ago
Aleksander Machniak 9d2b303b51 Fix bug in remote content blocking on HTML image and style tags (#6178) 7 years ago
Aleksander Machniak 674eac1c1c Enigma: Fix key generation in Safari by upgrade to OpenPGP 2.6.2 (#6149) 7 years ago
Aleksander Machniak b46cd5de1d Fix PHP Warning: exif_read_data(...): Illegal IFD size (#6169) 7 years ago
Aleksander Machniak 4d44070fc6 Fix duplicated labels in Test SMTP Config section (#6166) 7 years ago
Aleksander Machniak cf32fdab3f Update changelog 7 years ago
Thomas Bruederli 0f7cdcc846 Updated CHANGELOG 7 years ago
Aleksander Machniak 7abaab3098 Fix bug where text: syntax was forced for strings longer than 1024 characters (#6143) 7 years ago
Aleksander Machniak b38bb43630 Update to jQuery-3.3.1 7 years ago
Aleksander Machniak ae4616ce85 Update changelog 7 years ago
Thomas Bruederli a6408b952b Update assignments to release 1.3.4 7 years ago
Aleksander Machniak 55e99398e1 Fix possible information leak - add more strict sql error check on user creation (#6125) 7 years ago
Aleksander Machniak ce338164e3 Fix bug where contacts search could skip some records (#6130) 7 years ago
Aleksander Machniak 64ad87468a Update changelog 7 years ago
Aleksander Machniak 8de9fa707b Fix X-Frame-Options:ALLOW-FROM support, remove custom click-jacking protection (#6057) 7 years ago
Aleksander Machniak e4c7e8ac7c Fix bug where attachment size wasn't visible when the filename was too long (#6033)
Uses flexbox, so works in recent browsers only. I don't plan to support olders.
7 years ago
Aleksander Machniak af9550251e Display an error when clicking disabled link to register protocol handler (#6079) 7 years ago
Aleksander Machniak b172fb505c Improve trusted_host_patterns code 7 years ago
Aleksander Machniak 869882f8db Update changelog 7 years ago
Aleksander Machniak a2875cdda9 - Fix searching contacts by address in LDAP source (#6084) 7 years ago
Aleksander Machniak 3e0edd98c9 Update changelog 7 years ago