Aleksander Machniak
a80d73602f
Fix db_prefix handling in queries with `TRUNCATE TABLE <name>` and `UNIQUE <name>` ( #7013 )
5 years ago
PhilW
714ea7b128
add unit tests for rcmail_output_html::get_template_logo
5 years ago
Aleksander Machniak
da2ebb272a
Add basic test for attachment_reminder plugin
5 years ago
Aleksander Machniak
1b8e01e324
Cleanup unused code
5 years ago
johndoh
57960b1cab
add messages for in_array_nocase tests ( #6957 )
5 years ago
Aleksander Machniak
27bfd0884e
Drop rcube_browser::$lang property
...
You should use Accept-Language header instead, as we do in other place
5 years ago
Aleksander Machniak
1a10074b85
Add Edge browser detection
5 years ago
Aleksander Machniak
f5d6a242a8
Remove useless properties from rcube_browser
5 years ago
Aleksander Machniak
21ebf3ff5a
Fix bug where it was possible to bypass href URI check with data:application/xhtml+xml URIs ( #6896 )
5 years ago
Aleksander Machniak
63730cf842
Fix security issue where it was possible to bypass the CSS jail in HTML messages using :root pseudo-class ( #6897 )
5 years ago
Aleksander Machniak
057fb69bb9
Fix bug where some strict remote URIs in url() style were unintentionally blocked ( #6899 )
5 years ago
Aleksander Machniak
7bf868767e
Fix security issue where it was possible to bypass the position:fixed CSS check in received messages ( #6898 )
5 years ago
Aleksander Machniak
e88e0c16c9
Move rcmail (and future rcmail_*) class tests to tests/Rcmail directory
5 years ago
Aleksander Machniak
bfe2bc17d7
Fix css styles leak from replied/forwarded message to the rest of the composed text ( #6831 )
...
Generally do the same with styles what we do on message preview.
This also fixes small bugs in handling styles:
- fix so <style> tag on the start of the HTML content is not ignored
- fix so body's background/bgcolor attributes are applied to the container (regression)
5 years ago
Aleksander Machniak
0a0ad2c9b7
Switch to IDNA2008 variant ( #6806 )
...
After switching IDNA_NONTRANSITIONAL_TO_ASCII on, switch to
IDNA2008 variant in Net_LDAP2. Add test, update changelog.
5 years ago
Aleksander Machniak
ce52b04051
Update changelog, add some tests for rcube_utils::parse_host()
5 years ago
Aleksander Machniak
7c8ce07e8c
Fix bug where bold/strong text was converted to upper-case on html-to-text conversion (6758)
5 years ago
Aleksander Machniak
55cca61134
Workaround more invalid HTML cases parsed incorrectly by Mastermind/HTML5 ( #6713 )
5 years ago
Aleksander Machniak
57c67db029
Remove year(s) from copyright headers + some cleanup
5 years ago
Aleksander Machniak
92ed0154d5
Followup fix on handling HTML content w/o html/head/body tag ( #6713 )
5 years ago
Aleksander Machniak
03d56926d8
Fix bug in HTML parser that could cause missing text fragments when there was no head/body tag ( #6713 )
5 years ago
dsoares
00cc13a1b9
Fix bug where HTML messages with a xml:namespace tag were not rendered.
5 years ago
Aleksander Machniak
881b344fba
Fix regression in vcard parser
6 years ago
Aleksander Machniak
7a49b48dc1
Fix handling of empty entries in vCard import ( #6564 )
6 years ago
Aleksander Machniak
36485dfc34
Prevent from using deprecated timezone names from jsTimezoneDetect
...
For better interoperability of plugins such as Calendar, for example
issue see: https://git.kolab.org/T2666 .
6 years ago
Aleksander Machniak
0a0ac045fe
Fix bug where valid content between HTML comments could have been skipped in some cases ( #6464 )
6 years ago
Aleksander Machniak
0dee528adb
Add test for #6410
6 years ago
Aleksander Machniak
086e781b8f
Fix bug where some HTML comments could have been malformed by HTML parser ( #6333 )
6 years ago
Aleksander Machniak
3d0b2cd3ce
Pass PEAR errors to rcube::raise_error(), small CS improvements
6 years ago
Aleksander Machniak
0716d499bc
Fix bug where some escape sequences in html styles could bypass security checks
6 years ago
Aleksander Machniak
63d3ad11fb
Use Masterminds/HTML5 parser for HTML5 support ( #5761 )
6 years ago
Aleksander Machniak
b2bebe531a
Fix bug where usernames without domain part could be malformed or converted to lower-case on logon ( #6224 )
6 years ago
Aleksander Machniak
f36e23b778
Fix parsing date strings (e.g. from a Date: mail header) with comments ( #6216 )
6 years ago
Aleksander Machniak
0f3ad342f7
Fix bug where some unix timestamps were not handled correctly by rcube_utils::anytodatetime() ( #6212 )
6 years ago
Aleksander Machniak
1058924e21
Move some framework classes to sub-directories
6 years ago
Aleksander Machniak
d07b032bcd
Refactor cache code with separate engine-specific classes
6 years ago
Aleksander Machniak
9d2b303b51
Fix bug in remote content blocking on HTML image and style tags ( #6178 )
6 years ago
Daniel Kesselberg
a8d5547163
Update idn convertion methods ( #6115 )
...
* Add more test cases
* Update phpdoc
7 years ago
Aleksander Machniak
63a7d2313f
Improve SMTPUTF8 support and fix relaxed email validation issues
7 years ago
Daniel Kesselberg
a3504cb3b8
Add unit test for IDN ( #6114 )
7 years ago
Aleksander Machniak
a0374f3c45
Fix mangled non-ASCII characters in links in HTML messages ( #6028 )
7 years ago
Aleksander Machniak
5e08a6ac59
Handle remote stylesheets the same as remote images, ask the user to allow them ( #5994 )
...
Fixes the issue where remote stylesheet could have been blocked
if the message contained no remote images and user have no way to
allow that content.
7 years ago
Aleksander Machniak
3196d656db
Fix css conflicts in user interface and e-mail content ( #5891 )
...
... by adding prefix to element/class identifiers
Also cleaned up some code and removed global variable use.
7 years ago
Aleksander Machniak
5d16751ed8
Fix (again) bug where image data URIs in css style were treated as evil/remote in mail preview ( #5580 )
7 years ago
Filippo Tessarotto
e5e37928d4
Add Travis CI
7 years ago
Thomas Bruederli
1cfc024036
Modify links in html messages during Washtml DOM traversal
...
This is a more safe approach than using regex and mitigates
possible vulnerabilities using malformed html markup.
7 years ago
Thomas Bruederli
919338d4ba
Escape textarea contents in Washtml
7 years ago
Aleksander Machniak
21e7d873ce
Fix so links over images are not removed in plain text signatures converted from HTML ( #4473 )
7 years ago
Aleksander Machniak
1fcf7bfab3
Fix bug where HTML messages with @media styles could moddify style of page body ( #5811 )
7 years ago
Aleksander Machniak
8f22c3287d
Fix bug where comment notation within style tag would cause the whole style to be ignored ( #5747 )
7 years ago
Aleksander Machniak
ce61c8210e
Added test for rcube_db::parse_dsn()
7 years ago
dfukagaw28
89a4134064
Add support for DelSp=Yes messages ( #5702 )
7 years ago
Thomas Bruederli
522565b400
Add tests for XSS vulnerabilities in style tags
7 years ago
Shin Kojima
0b385dc946
Skip iconv for problematic ISO-2022-JP strings ( #5668 )
...
We sometimes get broken character encodings such as:
Subject: =?iso-2022-jp?B?GyRCLWo7M3l1OSk2SBsoQgo=?=
This actually is not a strict ISO-2022-JP string, but a CP50220 string
that is a variant of ISO-2022-JP with extended characters proposed by
Microsoft. Iconv can not handle these encodings well.
7 years ago
Aleksander Machniak
e08f22ef28
Fix bug where external content in src attribute of input/video tags was not secured ( #5583 )
8 years ago
Aleksander Machniak
7340360e79
Fix bug where image data URIs in css style were treated as evil/remote in mail preview ( #5580 )
8 years ago
Aleksander Machniak
bbab6a6db7
Identicon plugin
...
https://kolabian.wordpress.com/2016/12/02/contact-identicons/
8 years ago
JohnDoh
dd714b33a8
replace old trac links ( #5514 )
8 years ago
Aleksander Machniak
0485275a75
Merge branch 'dev/drop-legacy-browsers'
8 years ago
Aleksander Machniak
94f8ce3334
Make html::parse_attrib_string() more robust
...
Fixes PHP Error: Expression parse error on: ($app->config->get('preview_pane',rcube_utils::get_boolean('')) == true ? ' checked=checked' : ')
8 years ago
Aleksander Machniak
829442a4cd
Removed legacy_browsr plugin
8 years ago
Aleksander Machniak
dcabc1d814
Merge remote-tracking branch 'upstream/master'
...
Conflicts:
tests/Framework/Washtml.php
8 years ago
Aleksander Machniak
906cf101c3
Better time handling in rcube_utils::clean_datestr()
8 years ago
Aleksander Machniak
ed35267b9b
Managesieve: Fix parsing of vacation date-time with non-default date_format ( #5372 )
...
Added new method rcube_utils::format_datestr() to convert date_format date
into ISO date format.
8 years ago
Aleksander Machniak
d91bad5975
Fix handling of blockquote tags with mixed case on html2text conversion ( #5363 )
8 years ago
Aleksander Machniak
bf5b3072c4
Fix MathML test on older PHP versions
8 years ago
Aleksander Machniak
edfd9da42a
Support MathML in HTML message preview ( #5182 )
8 years ago
Aleksander Machniak
6737e293bb
Wash position:fixed style in HTML mail for better security ( #5264 )
8 years ago
Aleksander Machniak
afd090672c
Small performance optimization
8 years ago
Aleksander Machniak
ca9ad75d96
Add some more tests for HREF attribute washing
8 years ago
Aleksander Machniak
6652367d65
Fix XSS issue in href attribute on area tag ( #5240 , #5241 )
8 years ago
Aleksander Machniak
a0f38f5fd8
Small code style improvements
8 years ago
Aleksander Machniak
e8ab3d96bd
Fix converting mail addresses with @www. into mailto links ( #5197 )
8 years ago
Aleksander Machniak
ed1d212ae2
Improved SVG cleanup code
9 years ago
Aleksander Machniak
cbe701ac4a
Fix rcube_utils::words_match() to work with mixed/invalid/binary content (T844)
9 years ago
Aleksander Machniak
9234903287
Fix HTML sanitizer to skip <!-- node type X --> in output ( #1490583 )
9 years ago
Aleksander Machniak
26086981a2
Improve randomness of security tokens ( #1490529 )
9 years ago
Aleksander Machniak
a63f14ec40
Emoticons-related code refactoring
...
- Emoticons: All emoticons-related functionality is handled by the plugin now
- Emoticons: Added option to switch on/off emoticons in compose editor (#1485732 )
- Emoticons: Added option to switch on/off emoticons in plain text messages
- Plugin API: Added disabled_plugins an disabled_buttons options in html_editor hook
- Plugin API: Added html2text hook
9 years ago
Aleksander Machniak
7a42173a16
Simplify rcube_utils::check_ip()
9 years ago
Aleksander Machniak
f4c512336d
Fix "washing" of style elements wrapped into many lines
9 years ago
Aleksander Machniak
1b39d9a6c7
PHP7: Fixed some E_WARNING errors that previously were E_STRICT
9 years ago
Aleksander Machniak
1b8ca08e5b
Added GSSAPI/Kerberos authentication plugin - krb_authentication
9 years ago
Aleksander Machniak
2d73205ec8
Skip rcube_ldap_generic test if Net_LDAP3 is not available
9 years ago
Aleksander Machniak
8447bae77c
Require Mbstring and OpenSSL extensions ( #1490415 ) - remove redundant code
9 years ago
Aleksander Machniak
f7427f151e
Get rid of Mail_mimeDecode package dependency ( #1490416 )
9 years ago
Aleksander Machniak
25c8fe4eeb
Fix handling of non-break spaces in html to text conversion ( #1490436 )
9 years ago
Aleksander Machniak
ff40683404
Fix so links with href == content aren't added to links list on html to text conversion ( #1490434 )
9 years ago
Thomas Bruederli
c5ca818118
Adapt washtml test to pass with different versions of iconv (i.e. on CentOS7)
9 years ago
Thomas Bruederli
7eefdc8149
Adapt charset cleanup tests to pass with different versions of iconv propucing slightyl different output
9 years ago
Thomas Bruederli
9311fea09b
Add utility functiion to get an elemet's text content also when running tests in PhantomJS
9 years ago
Aleksander Machniak
3994b3a26c
Installer: Use openssl_random_pseudo_bytes() (if available) to generate des_key ( #1490402 )
9 years ago
Thomas Bruederli
68ca963319
Use the right syntax for group assignments
9 years ago
Thomas Bruederli
b5f64294a8
Tag more tests with @mbstring
9 years ago
Thomas Bruederli
0bfc862283
Specify test groups for inclusion/exclusion
9 years ago
Aleksander Machniak
c4ad7edd53
Fix font artifacts in text2html conversion ( #1490353 )
...
Use white-space:nowrap elements instead of unicode word-joiner character
9 years ago
Thomas Bruederli
91f2171e85
Use the right properties from rcube_db::parse_dsn() result
9 years ago
Thomas Bruederli
2fece8372e
Allow selenium tests to use explicit login credentials
9 years ago
Thomas Bruederli
0d4d43375c
Support tests running with an sqlite database
9 years ago
Thomas Bruederli
28b1cb04b6
Add more utility functions to prepare the IMAP account used for testing
9 years ago
Thomas Bruederli
f7c5f44ffb
Populate IMAP test account with sample message and test its listing in Selenium tests
9 years ago