Thomas Bruederli
bf21557873
Better fix for XSS in style tags ( b59ff5ca
)
8 years ago
Aleksander Machniak
05aae4711c
Replace xss_entity_decode_callback() method with lambda function
8 years ago
Aleksander Machniak
b59ff5cafb
Fix XSS issue in handling of a style tag inside of an svg element
8 years ago
Aleksander Machniak
fa32c2c471
Plugin API: Call message_part_structure hook for sub-parts of multipart/alternative message ( #5678 )
8 years ago
Aleksander Machniak
51dbc2e438
Merge branch 'master' of github.com:roundcube/roundcubemail
8 years ago
Aleksander Machniak
9028e77290
Enigma: Set micalg parameter to real hash algorithm used for signing
8 years ago
Shin Kojima
0b385dc946
Skip iconv for problematic ISO-2022-JP strings ( #5668 )
...
We sometimes get broken character encodings such as:
Subject: =?iso-2022-jp?B?GyRCLWo7M3l1OSk2SBsoQgo=?=
This actually is not a strict ISO-2022-JP string, but a CP50220 string
that is a variant of ISO-2022-JP with extended characters proposed by
Microsoft. Iconv can not handle these encodings well.
8 years ago
Joe Bordes
3c1d951d84
feat(Hook) full message object on message_sent event
8 years ago
Aleksander Machniak
81f67a4de2
Don't use each() deprecated in PHP 7.2
8 years ago
Aleksander Machniak
dfd19206a4
sizeof() -> count()
8 years ago
Aleksander Machniak
e08f22ef28
Fix bug where external content in src attribute of input/video tags was not secured ( #5583 )
8 years ago
Aleksander Machniak
7340360e79
Fix bug where image data URIs in css style were treated as evil/remote in mail preview ( #5580 )
8 years ago
Thomas Bruederli
f78e2a4367
Add 1.3-beta milestone + update copyright year
8 years ago
Jens Carl
de82576134
Add mime type detection under FreeBSD and Apache 2.4 ( #5560 )
8 years ago
Aleksander Machniak
4f5ec65a36
Close SMTP connection ASAP after the message has been sent
...
We should not keep the connection open until the script shuts down.
It may take long time e.g. to save the message in IMAP.
8 years ago
Aleksander Machniak
a99e479cb4
Fix variable substitution in ldap host for some use-cases, e.g. new_user_identity ( #5544 )
8 years ago
Aleksander Machniak
32b68959b2
Merge branch 'master' of github.com:roundcube/roundcubemail
8 years ago
Aleksander Machniak
a1f679adca
Fixed redundancy in sql caching system and compatibility with Galera Cluster ( #5439 )
...
- Removed redundant 'created' column from cache and cache_shared tables
- Removed use of redundant data records
- Added missing primary keys (dictionary, cache, cache_shared tables)
8 years ago
Aleksander Machniak
940a27400e
Use GSSAPI only if configured ( #5530 )
8 years ago
Aleksander Machniak
5cca1988b6
Fix write_log() return value when using syslog() and it fails
8 years ago
Aleksander Machniak
a844db6a27
Merge branch 'dev-layouts'
8 years ago
Aleksander Machniak
8a76bf3783
Make sure $prefs property is an array ( #5523 )
8 years ago
Aleksander Machniak
e306328340
Fix storing "empty" values in rcube_cache/rcube_cache_shared ( #5519 )
8 years ago
Aleksander Machniak
7e90de4ef5
write_record() should return boolean value
8 years ago
Aleksander Machniak
68221ed4ae
Improve uppercase/lowercase/ucfirst attrib handling in rcube::gettext()
...
- Make ucfirst mode compatible with UTF-8
- Fix bug which made uppercase=FIRST non-working
- Replace \n with real line-break before converting char case
8 years ago
Aleksander Machniak
6e0effa54c
Fix "Illegal string offset" warning in rcube::log_bug() on PHP 7.1 ( #5508 )
8 years ago
Aleksander Machniak
e17e8851f1
CS improvements, _xor() method replaced with an anonymous function
8 years ago
Aleksander Machniak
556c1725a7
Unify automatic marking as \Seen in preview pane, full-page and extwin views ( #5071 )
...
We now have one 'mail_read_time' option that works for all cases.
Option 'preview_pane_mark_read' has been removed and marked as an alias.
8 years ago
Aleksander Machniak
f43f5bf93f
Use JSON_PRETTY_PRINT in devel_mode
...
This effectively makes PHP 5.4 a real requirement
8 years ago
Aleksander Machniak
4e0532808d
Fix bug where it wasn't possible to store more that 2MB objects in memcache/apc ( #5452 )
...
Added memcache_max_allowed_packet and apc_max_allowed_packet settings
8 years ago
Aleksander Machniak
cf9f0d8829
Fix bug where IMAP password could be exposed via error message ( #5472 )
8 years ago
Aleksander Machniak
b8f9ba7d47
Fix bug where deleting folders with subfolders could fail in some cases ( #5466 )
8 years ago
Aleksander Machniak
b258b91560
Do not show inline images of unsupported mimetype ( #5463 )
8 years ago
Aleksander Machniak
8a51607671
Fix regression where creation of default folders wasn't functioning without prefix ( #5460 )
8 years ago
Aleksander Machniak
9e129383a1
Improve randomness of password salts and random hashes ( #5266 )
8 years ago
Aleksander Machniak
195dc11855
Support host-specific imap_conn_options/smtp_conn_options/managesieve_conn_options ( #5136 )
8 years ago
Aleksander Machniak
8c75dd3aa8
Add convenient method to create new session records
8 years ago
Aleksander Machniak
42ddfe5ec9
Simplify mbstring code path in rcube_charset::convert()
8 years ago
Aleksander Machniak
c1c0a0d815
Implemented rcube::sleep() method for disconnecting all external connection in long-running/sleeping scripts
8 years ago
Aleksander Machniak
f92052fd73
Fix so when moving to Trash we make sure the folder exists ( #5192 )
8 years ago
Aleksander Machniak
2999cc38a5
Generate more compact HTML5 code, e.g. use short form of boolean attributes
8 years ago
Aleksander Machniak
defdf84bb7
Really fix login form regression
...
Remove 'form' from allowed attributes list of input field. We needed
it only for a moment, now we don't. It's also not supported by IE/Edge
which means there's no way we would need it. Maybe some day...
8 years ago
Aleksander Machniak
32e5a6bbcf
Fix bug where folder creation could fail if personal namespace contained more than one entry ( #5403 )
...
+ small code improvements
8 years ago
Aleksander Machniak
43f3c5fb2a
Implement "one click" attachment upload ( #5024 )
8 years ago
Aleksander Machniak
c65bb121eb
Describe Framework requirements, drop some redundant code (since we require mbstring)
8 years ago
Aleksander Machniak
9debc38724
Drop mail_header_delimiter option, since we don't use mail() we don't need it
8 years ago
Aleksander Machniak
184de7735c
CS fixes (mostly phpdoc)
8 years ago
Aleksander Machniak
2298ecf7f6
Fix E_DEPRECATED warning when using Auth_SASL::factory() ( #5401 )
8 years ago
Aleksander Machniak
0836b213db
Removed useless 'created' column from 'session' table ( #5389 )
8 years ago
Aleksander Machniak
94f8ce3334
Make html::parse_attrib_string() more robust
...
Fixes PHP Error: Expression parse error on: ($app->config->get('preview_pane',rcube_utils::get_boolean('')) == true ? ' checked=checked' : ')
8 years ago