cbd35626f7
Better fix for XSS in style tags ( fa2824fdc)
8 years ago
fa2824fdcd
Fix XSS issue in handling of a style tag inside of an svg element
8 years ago
33586e4c87
Fix possible defect in handling \r\n in scripts ( #5685 )
8 years ago
85a750a068
Bump version to 1.2.4
8 years ago
04ed3846d3
Managesieve: Fix parser issue with empty lines between comments ( #5657 )
8 years ago
801f296872
Fix bug where it was too easy accidentally move a folder when using the subscription checkbox ( #5655 )
8 years ago
e3484f9225
Add rewrite rule to disable access to /vendor/bin folder in .htaccess ( #5630 )
8 years ago
b1a5b76445
Fix update of group name in the contacts list header on group rename ( #5648 )
8 years ago
528084ff37
Add note about PinEntry issues with SELinux ( #5620 )
8 years ago
49d24e973d
Enigma: Fix handling of messages with nested PGP encrypted parts ( #5634 )
8 years ago
4bc337c460
Enigma: Fix missing require statement for Crypt_GPG_KeyGenerator ( #5641 )
8 years ago
4475037023
Rename $sql_arr variable to $record as it's not about sql only
8 years ago
f51a101891
Fix regression where groups with email address were resolved to its members' addresses
8 years ago
3608e0c666
Fix visual glitch when using disabled_actions for items in Settings menu
8 years ago
a336026142
Fix bug where signature couldn't be added above the quote in Firefox 51 ( #5628 )
8 years ago
9e75845193
Fix bug where some classic skin images were not displayed in IE/Edge ( #5614 )
...
Converted from png to gif according to file extension.
8 years ago
04025fb297
Fix bug where mail content frame couldn't be reset in some corner cases ( #5608 )
...
Conflicts:
CHANGELOG
8 years ago
82b826faef
Fix PHP error on update of a contact with multiple email addresses when using PHP 7.1 ( #5587 )
8 years ago
1568bd9e04
Fix bug where external content in src attribute of input/video tags was not secured ( #5583 )
8 years ago
f90f22ffb8
Fix bug where image data URIs in css style were treated as evil/remote in mail preview ( #5580 )
8 years ago
58e63a6e70
Fix so group/addressbook selection is retained on page refresh
8 years ago
c9b394bcad
Fix some advanced search issues with multiple addressbooks ( #5572 )
8 years ago
088b0c6e85
Fix rsync error handling in installto.sh script ( #5562 )
8 years ago
e0d7367f1f
Fix adding images to new identity signatures
...
It already worked only on edits, because the image data for new identity
was stored in the wrong session item.
8 years ago
94feab652c
Disable Print button for pdf attachments in Firefox ( #5125 )
...
Mozilla's PDF.js viewer does not allow printing from host page.
We try to detect such situation and disable the button to minimize
user confusion.
8 years ago
d4f5804e40
Enigma: Add some notes to Known issues section ( #5561 )
8 years ago
69189ed21a
Enigma: Fix PHP fatal error when decrypting a message with invalid signature ( #5555 )
8 years ago
79613c1e4f
Fix variable substitution in ldap host for some use-cases, e.g. new_user_identity ( #5544 )
8 years ago
bc826be106
Fix handling of scripts with nested rules ( #5540 )
8 years ago
f04fc506b0
Bump version to 1.2.3
8 years ago
e8fc8888a6
Remove leftower code from last few backports
8 years ago
31df33d4e0
Fix regression where LDAP results could be counted incorrectly when using VLV
...
... broken by d08bd0a51f
8 years ago
53ede465e3
Avoid PHP fatal error
...
After last change to file `rcube_ldap.php`, my roundcube instance was getting this error:
```
PHP Fatal error: Cannot use object of type Net_LDAP3_Result as array in ...
```
In
```php
protected function extended_search($count = false)
```
`$result = $this->ldap->search()` returns a LDAP object (whatever package we use).
If the search returns no results (and if `$is_extended_search` is false), then it gets to line 971 trying to do a `usort()` and then a `count()` on an object, instead of an array.
8 years ago
6ccfcab17a
Searching in both contacts and groups when LDAP addressbook with group_filters option is used
...
Conflicts:
CHANGELOG
program/steps/addressbook/search.inc
8 years ago
86b329b1fa
Update localization
8 years ago
f84233785d
Fix vulnerability in handling of mail()'s 5th argument
8 years ago
6fa88c9814
Fix _from argument validation
8 years ago
2441456597
Fix displaying attached images with wrong Content-Type specified ( #5527 )
8 years ago
5162b20986
Fix missing content check when image resize fails on attachment thumbnail generation ( #5485 )
8 years ago
5dfacede3f
Make sure $prefs property is an array ( #5523 )
8 years ago
7f04df9ec0
Fix storing "empty" values in rcube_cache/rcube_cache_shared ( #5519 )
8 years ago
c633e605dd
Support contact+group searches in all relevant places (T1360)
...
Before the search worked only in Addressbook, not also in Compose.
The point of the change is also to align group searches with contact searches
in that it now uses the same set of attributes. Previously groups
in Compose were searched by name only.
8 years ago
115d575421
Add convenient method to create new session records
8 years ago
7983a7d63f
Fix "Illegal string offset" warning in rcube::log_bug() on PHP 7.1 ( #5508 )
8 years ago
455167b5f5
Fix recognizing Sent folder on search if current folder has been changed by plugins in meantime
8 years ago
dcf68720c1
Fix regression where UI object could be not created on some pages ( #5484 )
8 years ago
9eac1dd513
Fix bug where it wasn't possible to store more that 2MB objects in memcache/apc ( #5452 )
...
Added memcache_max_allowed_packet and apc_max_allowed_packet settings
8 years ago
d867ea98ed
Fix bug where IMAP password could be exposed via error message ( #5472 )
8 years ago
4013e8fd41
Fix To: header encoding in mail sent with mail() method ( #5475 )
8 years ago
4480b2615f
Fix bug where deleting folders with subfolders could fail in some cases ( #5466 )
8 years ago
Thomas Bruederli