Commit Graph

386 Commits (8d9945c4f6a59296bedef8c2bb097601f06c07c6)

Author SHA1 Message Date
Aleksander Machniak 681ba6fc3c Improve system security by using optional special URL with security token
Allows to define separate server/path for image/js/css files
Fix bugs where CSRF attacks were still possible on some requests
10 years ago
Andriy Yurchuk 402c1bff01 Clarify temp/logs directories permissions 10 years ago
Thomas Bruederli 507dad3354 Clarify spell check settings in default config 10 years ago
Thomas Bruederli acf8d67c96 Add 'sig_max_lines' config option to defaults (#1490071) 10 years ago
Thomas Bruederli 44b47dfb35 Add config/preference option to disable saving messages in localStorage (#1489979) 10 years ago
Victor Benincasa aecdf0644d Remove $config['default_folders'] from config tips
Remove $config['default_folders'] from config tips as this option was removed on commit dc0b500.
Related ticket: http://trac.roundcube.net/ticket/1489737
10 years ago
Thomas Bruederli 561f5e0a22 Describe new config options 10 years ago
Aleksander Machniak d01f9fc7f5 Add option (disabled_actions) to disable UI elements/actions (#1489638) 10 years ago
Aleksander Machniak 36d004e3d0 Added 'contact_search_name' option to define autocompletion entry format 11 years ago
Aleksander Machniak 3cc1afa1c2 Support images in HTML signatures (#1488676)
This enables image button and file browser in html editor for signatures
11 years ago
Aleksander Machniak cd01dc027b Add option to set default message list mode - default_list_mode (#1487312) 11 years ago
Aleksander Machniak 109bcce470 Add config option to specify IMAP connection socket parameters - imap_conn_options (#1489948) 11 years ago
Aleksander Machniak 769829a0ce Add notes about messages_cache setting requirements (#1489946) 11 years ago
Aleksander Machniak d519008498 Add configurable LDAP_OPT_DEREF option (#1489864) - patch from Stuart C. Naifeh 11 years ago
Aleksander Machniak 2ea27162e8 Add comment about behavior with empty im_*_path 11 years ago
Thomas Bruederli b867bb81e1 Merge branch 'x-forwarded-whitelist' of github.com:tribut/roundcubemail into tribut-x-forwarded-whitelist 11 years ago
Aleksander Machniak 5be6dcf0e2 Remove useless debug_level=8 and javascripts's rcube_console 11 years ago
Aleksander Machniak dc0b500e78 Removed redundant default_folders config option (#1489737)
Implemented IMAP SPECIAL-USE extension support [RFC6154] (#1487830)
11 years ago
Felix Eckhofer ef721fc430 Add config variable 'proxy_whitelist'
HTTP headers X_FORWARDED_* and X_REAL_IP are only evaluated when
received from an IP listed in proxy_whitelist. Furthermore, only the
last non-trusted IP from X-Forwarded-For is used in place of the real
ip.

Without this, an attacker can easily spoof the headers and control the
result of the ip or ssl check.

This fixes several problems with [3a4c9f42], [4d480b36] and [a520f331] as
mentioned in #1489729.
11 years ago
Felix Eckhofer 3fca238554 Fix typo in comment 11 years ago
Thomas Bruederli 1562a83608 Add mime-type mapping for 7zip files (#1489512) 11 years ago
Aleksander Machniak 357f9c831a Support SMTP socket context options via new config option 'smtp_conn_options' 11 years ago
Thomas Bruederli 3786a48aeb * New option that write logs to per-user directories. (Debug) logs will only be written if a directory for the current user exists.
* The 'write_log' plugin hook now also supports the return property 'dir' to let plugins specify the log directory.
11 years ago
Thomas Bruederli 57def0d195 Use absolute paths in default config 11 years ago
Thomas Bruederli 4a05e8a7e8 Finish advanced prefs feature (#1488829) 11 years ago
Aleksander Machniak 88934b6132 Keep all security rules in one place, support Apache 2.4 syntax 11 years ago
Aleksander Machniak b972b4c4c0 Add an option to disable smart Reply-List behaviour - reply_all_mode (#1488734) 11 years ago
Thomas Bruederli 3ce7c56826 Applied the (modified) patch to extend configuration possibilities of LDAP address books as suggested in #1488753:
- Add option to specify arbitrary replacements of config options with attributes from the bound user
- Allow mapping of group object class => member attribute used in these objects
- Describe the 'member_filter' property for groups config
11 years ago
Thomas Bruederli 98b7b548a2 Merge branch 'dev-canned-responses'
Conflicts (resolved):
	skins/classic/includes/settingstabs.html
	skins/larry/includes/settingstabs.html
11 years ago
Thomas Bruederli b5216621ba Add spellchecker backend for the After the Deadline service. See http://www.afterthedeadline.com for server installations 11 years ago
Thomas Bruederli a69f9918cd Improve selection of replicated database connection:
- Analyze query and prefer dsnr unless a write operation for a table involved has been carried out before
- New config option and setter method to enforce connection mode on table level
11 years ago
Thomas Bruederli 92d18cf32e New option to disable the use of already established dsnw connections for subsequent reads 11 years ago
Aleksander Machniak 221b407307 Add comment that to use LDAP variables in bind_dn/base_dn user_specific must be enabled (#1489335) 11 years ago
Aleksander Machniak f1fba2d7fb Hide Delivery Status Notification option when smtp_server is unset (#1489336) 11 years ago
Thomas Bruederli 9c41ba3c9e Allow sysadmins to define static responses which are immutable for the user 11 years ago
Thomas B. 0201298cd8 Merge pull request #118 from Dennis1993/patch-12
Added support for default font size and fix legacy code for default font
11 years ago
Aleksander Machniak b5c364273d Merge pull request #107 from JohnDoh/multi-logo
allow different logos for different functions (eg. normal and print)
11 years ago
Aleksander Machniak 96f59c6150 Add option force specified domain in user login - username_domain_forced (#1489264) 11 years ago
Aleksander Machniak 21601b4deb Make cached message size limit configurable - messages_cache_threshold (#1489317) 11 years ago
Dennis1993 18995876e6 Update defaults.inc.php 11 years ago
Dennis1993 7dff4437c0 Update defaults.inc.php 11 years ago
Aleksander Machniak 060467df9d Log also failed logins to userlogins log 11 years ago
David Carter de8687f9f1 Add temp_dir_ttl configuration option to control expiry time in
program/lib/Roundcube/rcube.php : gc_temp().

Default is 48 hours. Define hard wired minimum of 6 hours.
11 years ago
PhilW d81d69377a use template file name rather than special attribute 11 years ago
PhilW a77504aeac allow different logos for different functions (eg. normal and print) 11 years ago
Aleksander Machniak b32fab16ef Fix handling of non-default date formats (#1489294)
- remove ambiguous m/d/Y format from default config
11 years ago
Thomas Bruederli 8d2963a4bf Make session auth cookie name configurable 11 years ago
Aleksander Machniak bc94e296e7 Correct imap_timeout and smtp_timeout description, so 0 doesn't mean
no limit, but default_socket_timeout use (#1489247)
11 years ago
Thomas Bruederli 7c68484b23 Fix config defaults 12 years ago
Thomas Bruederli 0703bfecd0 Merged configuration refactoring from 'dev_config' branch back into master (#1487311) 12 years ago