a80d73602f
Fix db_prefix handling in queries with `TRUNCATE TABLE <name>` and `UNIQUE <name>` ( #7013 )
5 years ago
714ea7b128
add unit tests for rcmail_output_html::get_template_logo
5 years ago
da2ebb272a
Add basic test for attachment_reminder plugin
5 years ago
1b8e01e324
Cleanup unused code
5 years ago
57960b1cab
add messages for in_array_nocase tests ( #6957 )
5 years ago
27bfd0884e
Drop rcube_browser::$lang property
...
You should use Accept-Language header instead, as we do in other place
5 years ago
1a10074b85
Add Edge browser detection
5 years ago
f5d6a242a8
Remove useless properties from rcube_browser
5 years ago
21ebf3ff5a
Fix bug where it was possible to bypass href URI check with data:application/xhtml+xml URIs ( #6896 )
5 years ago
63730cf842
Fix security issue where it was possible to bypass the CSS jail in HTML messages using :root pseudo-class ( #6897 )
5 years ago
057fb69bb9
Fix bug where some strict remote URIs in url() style were unintentionally blocked ( #6899 )
5 years ago
7bf868767e
Fix security issue where it was possible to bypass the position:fixed CSS check in received messages ( #6898 )
5 years ago
e88e0c16c9
Move rcmail (and future rcmail_*) class tests to tests/Rcmail directory
5 years ago
bfe2bc17d7
Fix css styles leak from replied/forwarded message to the rest of the composed text ( #6831 )
...
Generally do the same with styles what we do on message preview.
This also fixes small bugs in handling styles:
- fix so <style> tag on the start of the HTML content is not ignored
- fix so body's background/bgcolor attributes are applied to the container (regression)
5 years ago
0a0ad2c9b7
Switch to IDNA2008 variant ( #6806 )
...
After switching IDNA_NONTRANSITIONAL_TO_ASCII on, switch to
IDNA2008 variant in Net_LDAP2. Add test, update changelog.
6 years ago
ce52b04051
Update changelog, add some tests for rcube_utils::parse_host()
6 years ago
7c8ce07e8c
Fix bug where bold/strong text was converted to upper-case on html-to-text conversion (6758)
6 years ago
55cca61134
Workaround more invalid HTML cases parsed incorrectly by Mastermind/HTML5 ( #6713 )
6 years ago
57c67db029
Remove year(s) from copyright headers + some cleanup
6 years ago
92ed0154d5
Followup fix on handling HTML content w/o html/head/body tag ( #6713 )
6 years ago
03d56926d8
Fix bug in HTML parser that could cause missing text fragments when there was no head/body tag ( #6713 )
6 years ago
00cc13a1b9
Fix bug where HTML messages with a xml:namespace tag were not rendered.
6 years ago
881b344fba
Fix regression in vcard parser
6 years ago
7a49b48dc1
Fix handling of empty entries in vCard import ( #6564 )
6 years ago
36485dfc34
Prevent from using deprecated timezone names from jsTimezoneDetect
...
For better interoperability of plugins such as Calendar, for example
issue see: https://git.kolab.org/T2666 .
6 years ago
0a0ac045fe
Fix bug where valid content between HTML comments could have been skipped in some cases ( #6464 )
6 years ago
0dee528adb
Add test for #6410
6 years ago
086e781b8f
Fix bug where some HTML comments could have been malformed by HTML parser ( #6333 )
7 years ago
3d0b2cd3ce
Pass PEAR errors to rcube::raise_error(), small CS improvements
7 years ago
0716d499bc
Fix bug where some escape sequences in html styles could bypass security checks
7 years ago
63d3ad11fb
Use Masterminds/HTML5 parser for HTML5 support ( #5761 )
7 years ago
b2bebe531a
Fix bug where usernames without domain part could be malformed or converted to lower-case on logon ( #6224 )
7 years ago
f36e23b778
Fix parsing date strings (e.g. from a Date: mail header) with comments ( #6216 )
7 years ago
0f3ad342f7
Fix bug where some unix timestamps were not handled correctly by rcube_utils::anytodatetime() ( #6212 )
7 years ago
1058924e21
Move some framework classes to sub-directories
7 years ago
d07b032bcd
Refactor cache code with separate engine-specific classes
7 years ago
9d2b303b51
Fix bug in remote content blocking on HTML image and style tags ( #6178 )
7 years ago
a8d5547163
Update idn convertion methods ( #6115 )
...
* Add more test cases
* Update phpdoc
7 years ago
63a7d2313f
Improve SMTPUTF8 support and fix relaxed email validation issues
7 years ago
a3504cb3b8
Add unit test for IDN ( #6114 )
7 years ago
a0374f3c45
Fix mangled non-ASCII characters in links in HTML messages ( #6028 )
7 years ago
5e08a6ac59
Handle remote stylesheets the same as remote images, ask the user to allow them ( #5994 )
...
Fixes the issue where remote stylesheet could have been blocked
if the message contained no remote images and user have no way to
allow that content.
7 years ago
3196d656db
Fix css conflicts in user interface and e-mail content ( #5891 )
...
... by adding prefix to element/class identifiers
Also cleaned up some code and removed global variable use.
7 years ago
5d16751ed8
Fix (again) bug where image data URIs in css style were treated as evil/remote in mail preview ( #5580 )
7 years ago
e5e37928d4
Add Travis CI
7 years ago
1cfc024036
Modify links in html messages during Washtml DOM traversal
...
This is a more safe approach than using regex and mitigates
possible vulnerabilities using malformed html markup.
7 years ago
919338d4ba
Escape textarea contents in Washtml
7 years ago
21e7d873ce
Fix so links over images are not removed in plain text signatures converted from HTML ( #4473 )
8 years ago
1fcf7bfab3
Fix bug where HTML messages with @media styles could moddify style of page body ( #5811 )
8 years ago
8f22c3287d
Fix bug where comment notation within style tag would cause the whole style to be ignored ( #5747 )
8 years ago
ce61c8210e
Added test for rcube_db::parse_dsn()
8 years ago
89a4134064
Add support for DelSp=Yes messages ( #5702 )
8 years ago
522565b400
Add tests for XSS vulnerabilities in style tags
8 years ago
0b385dc946
Skip iconv for problematic ISO-2022-JP strings ( #5668 )
...
We sometimes get broken character encodings such as:
Subject: =?iso-2022-jp?B?GyRCLWo7M3l1OSk2SBsoQgo=?=
This actually is not a strict ISO-2022-JP string, but a CP50220 string
that is a variant of ISO-2022-JP with extended characters proposed by
Microsoft. Iconv can not handle these encodings well.
8 years ago
e08f22ef28
Fix bug where external content in src attribute of input/video tags was not secured ( #5583 )
8 years ago
7340360e79
Fix bug where image data URIs in css style were treated as evil/remote in mail preview ( #5580 )
8 years ago
bbab6a6db7
Identicon plugin
...
https://kolabian.wordpress.com/2016/12/02/contact-identicons/
8 years ago
dd714b33a8
replace old trac links ( #5514 )
8 years ago
0485275a75
Merge branch 'dev/drop-legacy-browsers'
8 years ago
94f8ce3334
Make html::parse_attrib_string() more robust
...
Fixes PHP Error: Expression parse error on: ($app->config->get('preview_pane',rcube_utils::get_boolean('')) == true ? ' checked=checked' : ')
8 years ago
829442a4cd
Removed legacy_browsr plugin
8 years ago
dcabc1d814
Merge remote-tracking branch 'upstream/master'
...
Conflicts:
tests/Framework/Washtml.php
8 years ago
906cf101c3
Better time handling in rcube_utils::clean_datestr()
8 years ago
ed35267b9b
Managesieve: Fix parsing of vacation date-time with non-default date_format ( #5372 )
...
Added new method rcube_utils::format_datestr() to convert date_format date
into ISO date format.
8 years ago
d91bad5975
Fix handling of blockquote tags with mixed case on html2text conversion ( #5363 )
8 years ago
bf5b3072c4
Fix MathML test on older PHP versions
8 years ago
edfd9da42a
Support MathML in HTML message preview ( #5182 )
8 years ago
6737e293bb
Wash position:fixed style in HTML mail for better security ( #5264 )
9 years ago
afd090672c
Small performance optimization
9 years ago
ca9ad75d96
Add some more tests for HREF attribute washing
9 years ago
6652367d65
Fix XSS issue in href attribute on area tag ( #5240 , #5241 )
9 years ago
a0f38f5fd8
Small code style improvements
9 years ago
e8ab3d96bd
Fix converting mail addresses with @www. into mailto links ( #5197 )
9 years ago
ed1d212ae2
Improved SVG cleanup code
9 years ago
cbe701ac4a
Fix rcube_utils::words_match() to work with mixed/invalid/binary content (T844)
9 years ago
9234903287
Fix HTML sanitizer to skip <!-- node type X --> in output ( #1490583 )
9 years ago
26086981a2
Improve randomness of security tokens ( #1490529 )
9 years ago
a63f14ec40
Emoticons-related code refactoring
...
- Emoticons: All emoticons-related functionality is handled by the plugin now
- Emoticons: Added option to switch on/off emoticons in compose editor (#1485732 )
- Emoticons: Added option to switch on/off emoticons in plain text messages
- Plugin API: Added disabled_plugins an disabled_buttons options in html_editor hook
- Plugin API: Added html2text hook
9 years ago
7a42173a16
Simplify rcube_utils::check_ip()
9 years ago
f4c512336d
Fix "washing" of style elements wrapped into many lines
9 years ago
1b39d9a6c7
PHP7: Fixed some E_WARNING errors that previously were E_STRICT
9 years ago
1b8ca08e5b
Added GSSAPI/Kerberos authentication plugin - krb_authentication
9 years ago
2d73205ec8
Skip rcube_ldap_generic test if Net_LDAP3 is not available
9 years ago
8447bae77c
Require Mbstring and OpenSSL extensions ( #1490415 ) - remove redundant code
10 years ago
f7427f151e
Get rid of Mail_mimeDecode package dependency ( #1490416 )
10 years ago
25c8fe4eeb
Fix handling of non-break spaces in html to text conversion ( #1490436 )
10 years ago
ff40683404
Fix so links with href == content aren't added to links list on html to text conversion ( #1490434 )
10 years ago
c5ca818118
Adapt washtml test to pass with different versions of iconv (i.e. on CentOS7)
10 years ago
7eefdc8149
Adapt charset cleanup tests to pass with different versions of iconv propucing slightyl different output
10 years ago
9311fea09b
Add utility functiion to get an elemet's text content also when running tests in PhantomJS
10 years ago
3994b3a26c
Installer: Use openssl_random_pseudo_bytes() (if available) to generate des_key ( #1490402 )
10 years ago
68ca963319
Use the right syntax for group assignments
10 years ago
b5f64294a8
Tag more tests with @mbstring
10 years ago
0bfc862283
Specify test groups for inclusion/exclusion
10 years ago
c4ad7edd53
Fix font artifacts in text2html conversion ( #1490353 )
...
Use white-space:nowrap elements instead of unicode word-joiner character
10 years ago
91f2171e85
Use the right properties from rcube_db::parse_dsn() result
10 years ago
2fece8372e
Allow selenium tests to use explicit login credentials
10 years ago
0d4d43375c
Support tests running with an sqlite database
10 years ago
28b1cb04b6
Add more utility functions to prepare the IMAP account used for testing
10 years ago
f7c5f44ffb
Populate IMAP test account with sample message and test its listing in Selenium tests
10 years ago
Aleksander Machniak