Commit Graph

59 Commits (3bb12e75f763e9eca5e07c7022fa1f74dde0b532)

Author SHA1 Message Date
Aleksander Machniak 7340360e79 Fix bug where image data URIs in css style were treated as evil/remote in mail preview (#5580) 8 years ago
Aleksander Machniak 4e0532808d Fix bug where it wasn't possible to store more that 2MB objects in memcache/apc (#5452)
Added memcache_max_allowed_packet and apc_max_allowed_packet settings
8 years ago
Aleksander Machniak 195dc11855 Support host-specific imap_conn_options/smtp_conn_options/managesieve_conn_options (#5136) 8 years ago
Aleksander Machniak dcabc1d814 Merge remote-tracking branch 'upstream/master'
Conflicts:
	tests/Framework/Washtml.php
8 years ago
Aleksander Machniak c3fc072d97 Remove code related to magic_quotes_* and register_globals
...they do not exist in PHP 5.4 which we now require.
8 years ago
Aleksander Machniak 906cf101c3 Better time handling in rcube_utils::clean_datestr() 8 years ago
Aleksander Machniak ec1525a1e6 Remove debug code 8 years ago
Aleksander Machniak ed35267b9b Managesieve: Fix parsing of vacation date-time with non-default date_format (#5372)
Added new method rcube_utils::format_datestr() to convert date_format date
into ISO date format.
8 years ago
Aleksander Machniak f2eafda539 Fix bug where microsecond format in logged date didn't work in some cases 9 years ago
Aleksander Machniak d61d33a12a Fix handling of --delete argument in moduserprefs.sh script (#5296) 9 years ago
Aleksander Machniak 6737e293bb Wash position:fixed style in HTML mail for better security (#5264) 9 years ago
Aleksander Machniak cbe701ac4a Fix rcube_utils::words_match() to work with mixed/invalid/binary content (T844) 9 years ago
Aleksander Machniak 7e3298753a Use ternary operator where aplicable 9 years ago
Aleksander Machniak a03233ceba CS fixes 9 years ago
Aleksander Machniak b2b9b591ce Fix handling random_bytes() errors in PHP 7.0.0RC3 9 years ago
Aleksander Machniak e85bbc9e9c random_bytes() can throw an exception in some cases, since PHP 7.0.0rc3 9 years ago
Aleksander Machniak 26086981a2 Improve randomness of security tokens (#1490529) 9 years ago
Aleksander Machniak f00e1f5333 CS fixes 9 years ago
Aleksander Machniak 7a42173a16 Simplify rcube_utils::check_ip() 9 years ago
Aleksander Machniak 6b31846c43 Fix IPv6 address validation on PHP with disabled IPv6 support 9 years ago
Aleksander Machniak 93e64008a6 Small code improvements 9 years ago
Aleksander Machniak 8447bae77c Require Mbstring and OpenSSL extensions (#1490415) - remove redundant code 10 years ago
Aleksander Machniak 9aae1b7fc3 Fix so microseconds macro (u) in log_date_format works (#1490446) 10 years ago
Aleksander Machniak a958748947 CS fixes 10 years ago
Aleksander Machniak 3994b3a26c Installer: Use openssl_random_pseudo_bytes() (if available) to generate des_key (#1490402) 10 years ago
Thomas Bruederli c32998084d Add untility function to match strings ignoring word order 10 years ago
Thomas Bruederli e8b82c2e7b Fix rcube_utils::normalize_string() to support unicode characters + add argument for minimum token length 10 years ago
Thomas Bruederli 09c58d1add Make rcube_utils::strtotime() timezone aware (#1490163) 10 years ago
Aleksander Machniak 787a421846 Fix rcube_utils::anytodatetime() with no timezone specified 10 years ago
Aleksander Machniak 848e204ef9 Fix validation of email addresses with IDNA domains (#1490067) 10 years ago
Aleksander Machniak 29c24e647c Get rid of DIRECTORY_SEPARATOR for consistency 10 years ago
Aleksander Machniak 5f58127eae Added rcube_utils::resolve_url() 10 years ago
Aleksander Machniak 75bbada03b Remove code for PHP<5.3, use PHP_VERSION_ID instead of version_compare() for version checks 10 years ago
Thomas Bruederli cc850263d4 Add optional timezone argument for date conversion 10 years ago
Aleksander Machniak 49dad5f669 Fix broken normalize_string(), add support for ISO-8859-2 11 years ago
Felix Eckhofer 30e6b980a6 Remove usage of $RCMAIL global variable 11 years ago
Felix Eckhofer ef721fc430 Add config variable 'proxy_whitelist'
HTTP headers X_FORWARDED_* and X_REAL_IP are only evaluated when
received from an IP listed in proxy_whitelist. Furthermore, only the
last non-trusted IP from X-Forwarded-For is used in place of the real
ip.

Without this, an attacker can easily spoof the headers and control the
result of the ip or ssl check.

This fixes several problems with [3a4c9f42], [4d480b36] and [a520f331] as
mentioned in #1489729.
11 years ago
Aleksander Machniak 517c9f9a8d Fix directories check in Installer on Windows (#1489576)
Added rcube_utils::is_absolute_path() method
11 years ago
Aleksander Machniak f6d23a8dce Fix PHP warning when 1st argument of parse_host() is not a string (#1489486) 11 years ago
Aleksander Machniak a520f331c1 Fix handling of X-Forwarded-For header with multiple addresses (#1489481) 11 years ago
Aleksander Machniak d19c0f9f30 In normalize_string() replace 4-byte unicode characters with '?' character.
These are not supported in default utf-8 charset on mysql,
the chance we'd need them in searching is very low.
11 years ago
Aleksander Machniak b1f3c3bee8 Fixed saving contact birthday/anniversary dates before 01-01-1970 11 years ago
Thomas Bruederli fdb30f3279 Fix CSS selector modifications when nested in @media blocks 11 years ago
Aleksander Machniak ff6de99ae4 Some micro-optimizations 11 years ago
Aleksander Machniak d1abd8e339 Fix infinite loop in rcube_utils::mod_css_styles() after recent changes in rcube_string_replacer 11 years ago
Aleksander Machniak af79a7b837 Fixed issues where HTML comments inside style tag would hang Internet Explorer 11 years ago
Aleksander Machniak eafd5b1aa4 Improved mailto: link arguments handling (#1489363) 11 years ago
Thomas Bruederli 52830ea605 Improve handling of date strings and DateTime values in contacts 11 years ago
Aleksander Machniak b32fab16ef Fix handling of non-default date formats (#1489294)
- remove ambiguous m/d/Y format from default config
11 years ago
Thomas Bruederli 4d480b36ea Respect HTTP_X_FORWARDED_FOR and HTTP_X_REAL_IP variables for session IP check 11 years ago