Thomas Bruederli
0bd99db08d
Localize common error messages; improve explanation for CSRF check failures
10 years ago
Aleksander Machniak
681ba6fc3c
Improve system security by using optional special URL with security token
...
Allows to define separate server/path for image/js/css files
Fix bugs where CSRF attacks were still possible on some requests
10 years ago
Thomas Bruederli
2e713d00f5
Set comm_path env variable after reset
10 years ago
Aleksander Machniak
34a0902089
Use consistent column/table quoting in sql queries
10 years ago
Aleksander Machniak
731d190fec
Merge branch 'tinymce4'
...
Conflicts:
program/js/app.js
program/js/editor.js
program/js/tiny_mce/tiny_mce.js
program/steps/utils/spell_html.inc
11 years ago
Aleksander Machniak
2f1a81fa40
Bring back "Add To Dictionary" feature
11 years ago
Aleksander Machniak
efc470f0ac
Merge branch 'dev-text2html'
...
Conflicts:
program/js/app.js
Fix handling magic_quotes in rcube_text2html and rcube_html2text - move
stripslashes from these classes to action files
11 years ago
Aleksander Machniak
eda92ed4c0
Improved display of plain text messages and text to HTML conversion ( #1488937 )
...
Now instead of <pre> we use <div class="pre"> styled with monospace
font. We replace whitespace characters with non-breaking spaces where
needed. I.e. plain text is always unwrappable, until it uses format=flowed,
in such a case only flowed paragraphs are wrappable.
Also conversion of text to HTML in compose editor was modified in the same way.
11 years ago
Aleksander Machniak
60a67f52ad
Don't use $HTTP_RAW_POST_DATA deprecated in PHP 5.6
11 years ago
Aleksander Machniak
f41912e4cb
Allow <> characters in spellchecking text
11 years ago
Aleksander Machniak
89d6ce6846
Update to TinyMCE 4.x
11 years ago
Aleksander Machniak
a54cff4c56
Fix error when spell-checking an empty text ( #1489831 )
11 years ago
Aleksander Machniak
fbe5bc9ba2
CS fixes
11 years ago
Steffen185
6446d0ac97
modcss.inc: Fixed CS
11 years ago
Steffen185
add515bc74
Make modcss.inc work with allow_url_fopen = Off
...
Alternatively use the PHP cURL extension
11 years ago
Aleksander Machniak
c97625e02a
CS fixes
11 years ago
Aleksander Machniak
6b2b2eca5f
Remove deprecated functions (these listed in bc.php file) usage
11 years ago
Thomas Bruederli
e46d060a4a
Fix errors in error page :-)
11 years ago
Thomas Bruederli
c344b64f13
Get supported spell-check languages from the configured backend; replace suspended google spell service with our new service at spell.roundcube.net
11 years ago
Aleksander Machniak
70c7df8faa
Fix vulnerability in handling _session argument of utils/save-prefs ( #1489382 )
11 years ago
Thomas Bruederli
c58cb8aa95
Strip spell checker error message for logging; remove unused sprintf()
11 years ago
Aleksander Machniak
cfe2fc8b30
Log spellchecker error also in html mode
12 years ago
Thomas Bruederli
b15cc7d6f4
Check Google spell check service response for errors and report them accordingly
12 years ago
Aleksander Machniak
648fcf5709
Whitelist configuration options (user preferences) that can be changed using save-pref command
12 years ago
Aleksander Machniak
66afd70b75
Framework'ize html2text class
12 years ago
Thomas Bruederli
c72a96144d
Improve line wrapping behavior where message charset is changed by plugins (including html2plaintext conversion)
12 years ago
Thomas Bruederli
95d2892686
Fix HTTP User-Agent XSS vulnerability ( #1488737 )
12 years ago
Aleksander Machniak
cd482ebce6
Fix SQL errors handling
12 years ago
Aleksander Machniak
2b992c5683
Remove unused variable
12 years ago
Aleksander Machniak
2b21b97ef0
Use file_get_contents() to make code simpler and to fix possible infinite loop
13 years ago
Aleksander Machniak
b97d0e11b5
Fix empty user agent string on error page for "incompatible browser" error
13 years ago
Aleksander Machniak
041c93ce0b
Removed $Id$
13 years ago
alecpl
0c259682f6
- Merge devel-framework branch, resolved conflicts
13 years ago
thomascube
1e09cd0811
Slighlty increase minimum browser requirements
13 years ago
thomascube
7fe3811c65
Changed license to GNU GPLv3+ with exceptions for skins and plugins
13 years ago
alecpl
6807865d76
- Update killcache with new cache tables
13 years ago
alecpl
66df084203
- Merge devel-spellcheck branch:
...
- Added spellchecker exceptions dictionary (shared or per-user)
- Added possibility to ignore words containing caps, numbers, symbols (spellcheck_ignore_* options)
13 years ago
alecpl
b4edf78e4b
- Provided rcube_spellchecker class, simplified code in utils task (less spell* files)
14 years ago
alecpl
d7b35c22af
- Fix usage of non-standard HTTP error codes ( #1487797 )
14 years ago
alecpl
8b2c23d603
- Use \n as a word separator to workaround some strange Google spellchecker issue
14 years ago
thomascube
a77cf2292b
Add optional referer check to prevent CSRF in GET requests
14 years ago
thomascube
3e0e9148ef
Prevent from relaying arbitrary requests through modcss.inc (security issue)
14 years ago
thomascube
f5e7b35307
Bumbed version; Roundcube development is not Switzerland only
14 years ago
alecpl
7472893512
- Fix plaintext versions of HTML messages don't contain placeholders for emotions ( #1485206 )
14 years ago
alecpl
11bcac5802
- Fix HTML to plain text conversion doesn't handle citation blocks ( #1486921 )
14 years ago
alecpl
e019f2d0f2
- s/RoundCube/Roundcube/
14 years ago
alecpl
ffc040bf9e
- update ID keyword
14 years ago
alecpl
614c642a4b
- Fix list_cols is not updated after column dragging ( #1486999 )
...
- Improved save-pref action and moved to separate file in utils task directory
- Improved http_post/http_request to support first argument in form 'task/action'
14 years ago
thomascube
52c0f7626c
Strip protocol from hostname in HTTP headers ( #1486868 )
15 years ago
alecpl
9ed374bbe1
- fix for empty suggestions result
15 years ago