b2bebe531a
Fix bug where usernames without domain part could be malformed or converted to lower-case on logon ( #6224 )
8 years ago
f36e23b778
Fix parsing date strings (e.g. from a Date: mail header) with comments ( #6216 )
8 years ago
0f3ad342f7
Fix bug where some unix timestamps were not handled correctly by rcube_utils::anytodatetime() ( #6212 )
8 years ago
1058924e21
Move some framework classes to sub-directories
8 years ago
d07b032bcd
Refactor cache code with separate engine-specific classes
8 years ago
9d2b303b51
Fix bug in remote content blocking on HTML image and style tags ( #6178 )
8 years ago
a8d5547163
Update idn convertion methods ( #6115 )
...
* Add more test cases
* Update phpdoc
8 years ago
63a7d2313f
Improve SMTPUTF8 support and fix relaxed email validation issues
8 years ago
a3504cb3b8
Add unit test for IDN ( #6114 )
8 years ago
a0374f3c45
Fix mangled non-ASCII characters in links in HTML messages ( #6028 )
8 years ago
5e08a6ac59
Handle remote stylesheets the same as remote images, ask the user to allow them ( #5994 )
...
Fixes the issue where remote stylesheet could have been blocked
if the message contained no remote images and user have no way to
allow that content.
8 years ago
3196d656db
Fix css conflicts in user interface and e-mail content ( #5891 )
...
... by adding prefix to element/class identifiers
Also cleaned up some code and removed global variable use.
8 years ago
5d16751ed8
Fix (again) bug where image data URIs in css style were treated as evil/remote in mail preview ( #5580 )
8 years ago
919338d4ba
Escape textarea contents in Washtml
8 years ago
21e7d873ce
Fix so links over images are not removed in plain text signatures converted from HTML ( #4473 )
9 years ago
1fcf7bfab3
Fix bug where HTML messages with @media styles could moddify style of page body ( #5811 )
9 years ago
8f22c3287d
Fix bug where comment notation within style tag would cause the whole style to be ignored ( #5747 )
9 years ago
ce61c8210e
Added test for rcube_db::parse_dsn()
9 years ago
89a4134064
Add support for DelSp=Yes messages ( #5702 )
9 years ago
522565b400
Add tests for XSS vulnerabilities in style tags
9 years ago
0b385dc946
Skip iconv for problematic ISO-2022-JP strings ( #5668 )
...
We sometimes get broken character encodings such as:
Subject: =?iso-2022-jp?B?GyRCLWo7M3l1OSk2SBsoQgo=?=
This actually is not a strict ISO-2022-JP string, but a CP50220 string
that is a variant of ISO-2022-JP with extended characters proposed by
Microsoft. Iconv can not handle these encodings well.
9 years ago
e08f22ef28
Fix bug where external content in src attribute of input/video tags was not secured ( #5583 )
9 years ago
7340360e79
Fix bug where image data URIs in css style were treated as evil/remote in mail preview ( #5580 )
9 years ago
dd714b33a8
replace old trac links ( #5514 )
9 years ago
94f8ce3334
Make html::parse_attrib_string() more robust
...
Fixes PHP Error: Expression parse error on: ($app->config->get('preview_pane',rcube_utils::get_boolean('')) == true ? ' checked=checked' : ')
10 years ago
dcabc1d814
Merge remote-tracking branch 'upstream/master'
...
Conflicts:
tests/Framework/Washtml.php
10 years ago
906cf101c3
Better time handling in rcube_utils::clean_datestr()
10 years ago
ed35267b9b
Managesieve: Fix parsing of vacation date-time with non-default date_format ( #5372 )
...
Added new method rcube_utils::format_datestr() to convert date_format date
into ISO date format.
10 years ago
d91bad5975
Fix handling of blockquote tags with mixed case on html2text conversion ( #5363 )
10 years ago
bf5b3072c4
Fix MathML test on older PHP versions
10 years ago
edfd9da42a
Support MathML in HTML message preview ( #5182 )
10 years ago
6737e293bb
Wash position:fixed style in HTML mail for better security ( #5264 )
10 years ago
afd090672c
Small performance optimization
10 years ago
ca9ad75d96
Add some more tests for HREF attribute washing
10 years ago
6652367d65
Fix XSS issue in href attribute on area tag ( #5240 , #5241 )
10 years ago
a0f38f5fd8
Small code style improvements
10 years ago
e8ab3d96bd
Fix converting mail addresses with @www. into mailto links ( #5197 )
10 years ago
ed1d212ae2
Improved SVG cleanup code
10 years ago
cbe701ac4a
Fix rcube_utils::words_match() to work with mixed/invalid/binary content (T844)
10 years ago
9234903287
Fix HTML sanitizer to skip <!-- node type X --> in output ( #1490583 )
10 years ago
26086981a2
Improve randomness of security tokens ( #1490529 )
10 years ago
7a42173a16
Simplify rcube_utils::check_ip()
11 years ago
f4c512336d
Fix "washing" of style elements wrapped into many lines
11 years ago
1b39d9a6c7
PHP7: Fixed some E_WARNING errors that previously were E_STRICT
11 years ago
2d73205ec8
Skip rcube_ldap_generic test if Net_LDAP3 is not available
11 years ago
8447bae77c
Require Mbstring and OpenSSL extensions ( #1490415 ) - remove redundant code
11 years ago
f7427f151e
Get rid of Mail_mimeDecode package dependency ( #1490416 )
11 years ago
25c8fe4eeb
Fix handling of non-break spaces in html to text conversion ( #1490436 )
11 years ago
ff40683404
Fix so links with href == content aren't added to links list on html to text conversion ( #1490434 )
11 years ago
7eefdc8149
Adapt charset cleanup tests to pass with different versions of iconv propucing slightyl different output
11 years ago
Aleksander Machniak