Commit Graph

1320 Commits (522565b400e623ad190b57f56c1d21ff63418e33)

Author SHA1 Message Date
Thomas Bruederli bf21557873 Better fix for XSS in style tags (b59ff5ca) 8 years ago
Aleksander Machniak 05aae4711c Replace xss_entity_decode_callback() method with lambda function 8 years ago
Aleksander Machniak b59ff5cafb Fix XSS issue in handling of a style tag inside of an svg element 8 years ago
Aleksander Machniak fa32c2c471 Plugin API: Call message_part_structure hook for sub-parts of multipart/alternative message (#5678) 8 years ago
Aleksander Machniak 51dbc2e438 Merge branch 'master' of github.com:roundcube/roundcubemail 8 years ago
Aleksander Machniak 9028e77290 Enigma: Set micalg parameter to real hash algorithm used for signing 8 years ago
Shin Kojima 0b385dc946 Skip iconv for problematic ISO-2022-JP strings (#5668)
We sometimes get broken character encodings such as:
Subject: =?iso-2022-jp?B?GyRCLWo7M3l1OSk2SBsoQgo=?=
This actually is not a strict ISO-2022-JP string, but a CP50220 string
that is a variant of ISO-2022-JP with extended characters proposed by
Microsoft. Iconv can not handle these encodings well.
8 years ago
Joe Bordes 3c1d951d84 feat(Hook) full message object on message_sent event 8 years ago
Aleksander Machniak 81f67a4de2 Don't use each() deprecated in PHP 7.2 8 years ago
Aleksander Machniak dfd19206a4 sizeof() -> count() 8 years ago
Aleksander Machniak e08f22ef28 Fix bug where external content in src attribute of input/video tags was not secured (#5583) 8 years ago
Aleksander Machniak 7340360e79 Fix bug where image data URIs in css style were treated as evil/remote in mail preview (#5580) 8 years ago
Thomas Bruederli f78e2a4367 Add 1.3-beta milestone + update copyright year 8 years ago
Jens Carl de82576134 Add mime type detection under FreeBSD and Apache 2.4 (#5560) 8 years ago
Aleksander Machniak 4f5ec65a36 Close SMTP connection ASAP after the message has been sent
We should not keep the connection open until the script shuts down.
It may take long time e.g. to save the message in IMAP.
8 years ago
Aleksander Machniak a99e479cb4 Fix variable substitution in ldap host for some use-cases, e.g. new_user_identity (#5544) 8 years ago
Aleksander Machniak 32b68959b2 Merge branch 'master' of github.com:roundcube/roundcubemail 8 years ago
Aleksander Machniak a1f679adca Fixed redundancy in sql caching system and compatibility with Galera Cluster (#5439)
- Removed redundant 'created' column from cache and cache_shared tables
- Removed use of redundant data records
- Added missing primary keys (dictionary, cache, cache_shared tables)
8 years ago
Aleksander Machniak 940a27400e Use GSSAPI only if configured (#5530) 8 years ago
Aleksander Machniak 5cca1988b6 Fix write_log() return value when using syslog() and it fails 8 years ago
Aleksander Machniak a844db6a27 Merge branch 'dev-layouts' 8 years ago
Aleksander Machniak 8a76bf3783 Make sure $prefs property is an array (#5523) 8 years ago
Aleksander Machniak e306328340 Fix storing "empty" values in rcube_cache/rcube_cache_shared (#5519) 8 years ago
Aleksander Machniak 7e90de4ef5 write_record() should return boolean value 8 years ago
Aleksander Machniak 68221ed4ae Improve uppercase/lowercase/ucfirst attrib handling in rcube::gettext()
- Make ucfirst mode compatible with UTF-8
- Fix bug which made uppercase=FIRST non-working
- Replace \n with real line-break before converting char case
8 years ago
Aleksander Machniak 6e0effa54c Fix "Illegal string offset" warning in rcube::log_bug() on PHP 7.1 (#5508) 8 years ago
Aleksander Machniak e17e8851f1 CS improvements, _xor() method replaced with an anonymous function 8 years ago
Aleksander Machniak 556c1725a7 Unify automatic marking as \Seen in preview pane, full-page and extwin views (#5071)
We now have one 'mail_read_time' option that works for all cases.
Option 'preview_pane_mark_read' has been removed and marked as an alias.
8 years ago
Aleksander Machniak f43f5bf93f Use JSON_PRETTY_PRINT in devel_mode
This effectively makes PHP 5.4 a real requirement
8 years ago
Aleksander Machniak 4e0532808d Fix bug where it wasn't possible to store more that 2MB objects in memcache/apc (#5452)
Added memcache_max_allowed_packet and apc_max_allowed_packet settings
8 years ago
Aleksander Machniak cf9f0d8829 Fix bug where IMAP password could be exposed via error message (#5472) 8 years ago
Aleksander Machniak b8f9ba7d47 Fix bug where deleting folders with subfolders could fail in some cases (#5466) 8 years ago
Aleksander Machniak b258b91560 Do not show inline images of unsupported mimetype (#5463) 8 years ago
Aleksander Machniak 8a51607671 Fix regression where creation of default folders wasn't functioning without prefix (#5460) 8 years ago
Aleksander Machniak 9e129383a1 Improve randomness of password salts and random hashes (#5266) 8 years ago
Aleksander Machniak 195dc11855 Support host-specific imap_conn_options/smtp_conn_options/managesieve_conn_options (#5136) 8 years ago
Aleksander Machniak 8c75dd3aa8 Add convenient method to create new session records 8 years ago
Aleksander Machniak 42ddfe5ec9 Simplify mbstring code path in rcube_charset::convert() 8 years ago
Aleksander Machniak c1c0a0d815 Implemented rcube::sleep() method for disconnecting all external connection in long-running/sleeping scripts 8 years ago
Aleksander Machniak f92052fd73 Fix so when moving to Trash we make sure the folder exists (#5192) 8 years ago
Aleksander Machniak 2999cc38a5 Generate more compact HTML5 code, e.g. use short form of boolean attributes 8 years ago
Aleksander Machniak defdf84bb7 Really fix login form regression
Remove 'form' from allowed attributes list of input field. We needed
it only for a moment, now we don't. It's also not supported by IE/Edge
which means there's no way we would need it. Maybe some day...
8 years ago
Aleksander Machniak 32e5a6bbcf Fix bug where folder creation could fail if personal namespace contained more than one entry (#5403)
+ small code improvements
8 years ago
Aleksander Machniak 43f3c5fb2a Implement "one click" attachment upload (#5024) 8 years ago
Aleksander Machniak c65bb121eb Describe Framework requirements, drop some redundant code (since we require mbstring) 8 years ago
Aleksander Machniak 9debc38724 Drop mail_header_delimiter option, since we don't use mail() we don't need it 8 years ago
Aleksander Machniak 184de7735c CS fixes (mostly phpdoc) 8 years ago
Aleksander Machniak 2298ecf7f6 Fix E_DEPRECATED warning when using Auth_SASL::factory() (#5401) 8 years ago
Aleksander Machniak 0836b213db Removed useless 'created' column from 'session' table (#5389) 8 years ago
Aleksander Machniak 94f8ce3334 Make html::parse_attrib_string() more robust
Fixes PHP Error: Expression parse error on: ($app->config->get('preview_pane',rcube_utils::get_boolean('')) == true ? ' checked=checked' : ')
8 years ago