Thomas Bruederli
|
1a7b603875
|
Bump version to 1.2.10
|
5 years ago |
|
Aleksander Machniak
|
cceeff2472
|
Fix CSRF bypass that could be used to log out an authenticated user (#7302)
|
5 years ago |
|
Thomas Bruederli
|
36043cb7bc
|
Bump version to 1.2.9 and copyright to 2018
|
7 years ago |
|
Thomas Bruederli
|
9f91018a16
|
Bump version to 1.2.8
|
7 years ago |
|
Thomas Bruederli
|
987856eee2
|
Bump version + add CVE ID
|
7 years ago |
|
Thomas Bruederli
|
3644b02d0b
|
Bump version to 1.2.6
|
7 years ago |
|
Thomas Bruederli
|
e62a7d0dfa
|
Bump version to 1.2.5
|
8 years ago |
|
Thomas Bruederli
|
85a750a068
|
Bump version to 1.2.4
|
8 years ago |
|
Thomas Bruederli
|
f04fc506b0
|
Bump version to 1.2.3
|
8 years ago |
|
Thomas Bruederli
|
444fdb6161
|
Bump version to 1.2.2
|
8 years ago |
|
Aleksander Machniak
|
6d8245523d
|
Fix so "Action disabled" error uses more appropriate 404 code (#5440)
|
8 years ago |
|
Thomas Bruederli
|
3a7a550518
|
Bump version to 1.2.1
|
8 years ago |
|
Thomas Bruederli
|
d2e2a8f32e
|
Bump version to 1.2.0 (stable)
|
9 years ago |
|
Aleksander Machniak
|
a15d877ba8
|
Added brute-force attack prevention via login rate limit (#1490566)
|
9 years ago |
|
Aleksander Machniak
|
1b39d9a6c7
|
PHP7: Fixed some E_WARNING errors that previously were E_STRICT
|
9 years ago |
|
Aleksander Machniak
|
4b72a1f498
|
Fix error when using back button after sending an email (#1490009)
|
9 years ago |
|
Aleksander Machniak
|
a958748947
|
CS fixes
|
10 years ago |
|
Aleksander Machniak
|
3779b67a9c
|
Set version number to 1.2-git
|
10 years ago |
|
Thomas Bruederli
|
2f8b1036da
|
Bump version and copyright year
|
10 years ago |
|
Aleksander Machniak
|
681ba6fc3c
|
Improve system security by using optional special URL with security token
Allows to define separate server/path for image/js/css files
Fix bugs where CSRF attacks were still possible on some requests
|
10 years ago |
|
Thomas Bruederli
|
c45507e317
|
Fix login error message display broken in b51de327
|
10 years ago |
|
Thomas Bruederli
|
b51de3279f
|
Display custom error messages from plugins hooks (as documented in the API spec)
|
10 years ago |
|
Thomas Bruederli
|
a873d934f5
|
Give precedence to plugin.* actions over custom tasks registered by plugins
|
10 years ago |
|
Aleksander Machniak
|
d01f9fc7f5
|
Add option (disabled_actions) to disable UI elements/actions (#1489638)
|
10 years ago |
|
Thomas Bruederli
|
7e7e451b66
|
Warn for unsent/unsaved message when closing compose window; remove localStorage copy if page was left intentionally but not on session errors (#1489818)
|
11 years ago |
|
Aleksander Machniak
|
d19a9b35cc
|
Remove obsolete code that disables session check on 'send' action
|
11 years ago |
|
Aleksander Machniak
|
ba5c53e5c3
|
Send X-UA-Compatible as HTTP header instead of meta tag
|
11 years ago |
|
Aleksander Machniak
|
b360f707e8
|
Small code improvement
|
11 years ago |
|
Aleksander Machniak
|
65f59fa3c6
|
Bump version number to 1.1-git
|
11 years ago |
|
Aleksander Machniak
|
8d3d5b42b7
|
Prevent from "Call to undefined method rcmail_output_json::add_footer()" error
|
11 years ago |
|
Aleksander Machniak
|
0301d9347f
|
CS fixes
|
11 years ago |
|
Thomas Bruederli
|
85e60ada15
|
First version of the local storage compose data saving feature; some behavioral improvements and encrytion are still to be added
|
11 years ago |
|
Thomas Bruederli
|
b461a2d72e
|
Send last fetch time with 'refresh' requests and allow plugins to alter query parameters of http requests
|
11 years ago |
|
Aleksander Machniak
|
060467df9d
|
Log also failed logins to userlogins log
|
11 years ago |
|
Thomas Bruederli
|
deb2b8d080
|
Allow to load config files for different environments (#1487311); keep (non-default) filename in URLs throughout the webmail app
|
12 years ago |
|
Aleksander Machniak
|
a544971fe8
|
Fix error when using check_referer=true
|
12 years ago |
|
Aleksander Machniak
|
bb080af14d
|
Bump version number up to 1.0-git
|
12 years ago |
|
Thomas Bruederli
|
18e23ab763
|
Welcome to 2013
|
12 years ago |
|
Aleksander Machniak
|
a95687cfe8
|
Plugin API: Add 'refresh' hook
|
12 years ago |
|
Aleksander Machniak
|
77de23fa93
|
Added cross-task 'refresh' request for system state updates
|
12 years ago |
|
Aleksander Machniak
|
b807084a6b
|
- Fix (disable) request validation for spell and spell_html actions
Consider action whitelist also for ajax requests
|
12 years ago |
|
Aleksander Machniak
|
2bbc3da52a
|
- Check request tokens also in devel_mode
|
12 years ago |
|
Aleksander Machniak
|
1c0ce1fe52
|
Plugin API: Add 'unauthenticated' hook (#1488138)
|
13 years ago |
|
Aleksander Machniak
|
7c8fd80310
|
Show explicit error message when provided hostname is invalid (#1488550)
|
13 years ago |
|
Aleksander Machniak
|
041c93ce0b
|
Removed $Id$
|
13 years ago |
|
Brian Ronald
|
b546b0dcfd
|
Also, the license comments
|
13 years ago |
|
alecpl
|
d2191c619f
|
- Fix redirect to mail/compose on re-login (1488226)
|
13 years ago |
|
alecpl
|
1aceb9cec8
|
- Framework refactoring (I hope it's the last one):
rcube,rcmail,rcube_ui -> rcube,rcmail,rcube_utils
renamed main.inc into rcube_bc.inc
|
13 years ago |
|
alecpl
|
0c259682f6
|
- Merge devel-framework branch, resolved conflicts
|
13 years ago |
|
thomascube
|
7fe3811c65
|
Changed license to GNU GPLv3+ with exceptions for skins and plugins
|
13 years ago |