Commit Graph

217 Commits (9aaeb23d9de9324f2b5450b844b2155543a7e2e4)

Author SHA1 Message Date
Aleksander Machniak a15d877ba8 Added brute-force attack prevention via login rate limit (#1490566) 9 years ago
Aleksander Machniak 1b39d9a6c7 PHP7: Fixed some E_WARNING errors that previously were E_STRICT 9 years ago
Aleksander Machniak 4b72a1f498 Fix error when using back button after sending an email (#1490009) 9 years ago
Aleksander Machniak a958748947 CS fixes 10 years ago
Aleksander Machniak 3779b67a9c Set version number to 1.2-git 10 years ago
Thomas Bruederli 2f8b1036da Bump version and copyright year 10 years ago
Aleksander Machniak 681ba6fc3c Improve system security by using optional special URL with security token
Allows to define separate server/path for image/js/css files
Fix bugs where CSRF attacks were still possible on some requests
10 years ago
Thomas Bruederli c45507e317 Fix login error message display broken in b51de327 10 years ago
Thomas Bruederli b51de3279f Display custom error messages from plugins hooks (as documented in the API spec) 10 years ago
Thomas Bruederli a873d934f5 Give precedence to plugin.* actions over custom tasks registered by plugins 10 years ago
Aleksander Machniak d01f9fc7f5 Add option (disabled_actions) to disable UI elements/actions (#1489638) 10 years ago
Thomas Bruederli 7e7e451b66 Warn for unsent/unsaved message when closing compose window; remove localStorage copy if page was left intentionally but not on session errors (#1489818) 11 years ago
Aleksander Machniak d19a9b35cc Remove obsolete code that disables session check on 'send' action 11 years ago
Aleksander Machniak ba5c53e5c3 Send X-UA-Compatible as HTTP header instead of meta tag 11 years ago
Aleksander Machniak b360f707e8 Small code improvement 11 years ago
Aleksander Machniak 65f59fa3c6 Bump version number to 1.1-git 11 years ago
Aleksander Machniak 8d3d5b42b7 Prevent from "Call to undefined method rcmail_output_json::add_footer()" error 11 years ago
Aleksander Machniak 0301d9347f CS fixes 11 years ago
Thomas Bruederli 85e60ada15 First version of the local storage compose data saving feature; some behavioral improvements and encrytion are still to be added 11 years ago
Thomas Bruederli b461a2d72e Send last fetch time with 'refresh' requests and allow plugins to alter query parameters of http requests 11 years ago
Aleksander Machniak 060467df9d Log also failed logins to userlogins log 11 years ago
Thomas Bruederli deb2b8d080 Allow to load config files for different environments (#1487311); keep (non-default) filename in URLs throughout the webmail app 12 years ago
Aleksander Machniak a544971fe8 Fix error when using check_referer=true 12 years ago
Aleksander Machniak bb080af14d Bump version number up to 1.0-git 12 years ago
Thomas Bruederli 18e23ab763 Welcome to 2013 12 years ago
Aleksander Machniak a95687cfe8 Plugin API: Add 'refresh' hook 12 years ago
Aleksander Machniak 77de23fa93 Added cross-task 'refresh' request for system state updates 12 years ago
Aleksander Machniak b807084a6b - Fix (disable) request validation for spell and spell_html actions
Consider action whitelist also for ajax requests
12 years ago
Aleksander Machniak 2bbc3da52a - Check request tokens also in devel_mode 12 years ago
Aleksander Machniak 1c0ce1fe52 Plugin API: Add 'unauthenticated' hook (#1488138) 13 years ago
Aleksander Machniak 7c8fd80310 Show explicit error message when provided hostname is invalid (#1488550) 13 years ago
Aleksander Machniak 041c93ce0b Removed $Id$ 13 years ago
Brian Ronald b546b0dcfd Also, the license comments 13 years ago
alecpl d2191c619f - Fix redirect to mail/compose on re-login (1488226) 13 years ago
alecpl 1aceb9cec8 - Framework refactoring (I hope it's the last one):
rcube,rcmail,rcube_ui -> rcube,rcmail,rcube_utils
  renamed main.inc into rcube_bc.inc
13 years ago
alecpl 0c259682f6 - Merge devel-framework branch, resolved conflicts 13 years ago
thomascube 7fe3811c65 Changed license to GNU GPLv3+ with exceptions for skins and plugins 13 years ago
thomascube c321a955a7 Merged devel-framework branch (r5746:5779) back into trunk 13 years ago
alecpl fdff34093d - Move some checks into login() method 13 years ago
alecpl b6da0b76af - Remove deprecated global $IMAP variable usage (#1488148) 13 years ago
alecpl 80216d0b79 - Change version number to 0.8-svn 13 years ago
thomascube abdf31486a Allow cross-task ajax requests 13 years ago
alecpl 3703021713 - Plugin API: added 'ready' hook (#1488073) 13 years ago
thomascube 502436dad0 We're on the road towards 0.7 now 13 years ago
alecpl 9e54e6fd45 - Make the whole PHP output non-cacheable (#1487797) 13 years ago
thomascube 6354da5b8c Fix r5117: don't show error on default login page 13 years ago
thomascube 886aafe167 Don't rely on rcmail->task for session error check; use _REQUEST data instead 13 years ago
thomascube 94c0743cba Don't show session error message on logout 14 years ago
thomascube fcc7f861b1 Log session validation errors; keep error message when redirecting to login after session error 14 years ago
thomascube 28ac5cada2 Let plugins hook into keep-alive requests 14 years ago