Aleksander Machniak
186f21c4c1
Avoid Referer leaking by using Referrer-Policy:same-origin header ( #6385 )
...
Added 'common_headers' hook
6 years ago
Aleksander Machniak
c8d133a6a0
Merge branch 'master' into dev/elastic
6 years ago
Aleksander Machniak
b126941846
Fix session issue on long running requests ( #6470 )
6 years ago
Stefanos Petrakis
8ab1e4fbc3
Fix multiple VCard field search ( #6466 )
6 years ago
Aleksander Machniak
0a0ac045fe
Fix bug where valid content between HTML comments could have been skipped in some cases ( #6464 )
6 years ago
Aleksander Machniak
255638cc44
Update changelog, require Net_SMTP 1.8.1 for GSSAPI support
6 years ago
urusha
75f37f8b0f
SMTP GSSAPI support ( #6417 )
...
* krb_authentication support for smtp_connect
* smtp GSSAPI support
6 years ago
Aleksander Machniak
2dcf50019c
Merge branch 'master' into dev/elastic
6 years ago
Aleksander Machniak
e38b477b99
Fix including plugin scripts (regression)
6 years ago
Aleksander Machniak
2c12274d38
Fix style/navigation on error page depending on authentication state ( #6362 )
6 years ago
Aleksander Machniak
4310046993
Remove redundant trim()
6 years ago
Aleksander Machniak
c28242f63c
Log errors caused by low pcre.backtrack_limit when sending a mail message ( #6433 )
6 years ago
Aleksander Machniak
03fef0d6ca
New_user_identity: Fix %fu/%u vars substitution in user specific LDAP params ( #6419 )
6 years ago
Aleksander Machniak
796e5a17e6
Removed referer_check option ( #6440 )
6 years ago
Aleksander Machniak
eaa81a5b61
Fix so invalid smtp_helo_host is never used, fallback to localhost ( #6408 )
6 years ago
Allan Klaus
6a49ba5aa2
Added exec_hook to send error to an external error tracking tool ( #6198 )
6 years ago
Aleksander Machniak
5cdb54221f
Fix listing the same attachment multiple times on forwarded messages
6 years ago
Aleksander Machniak
24e3977d74
Fix invalid regular expressions that throw warnings on PHP 7.3 ( #6398 )
6 years ago
Aleksander Machniak
19332495b0
Fix so fallback from BINARY to BODY FETCH is used also on [PARSE] errors in dovecot 2.3 ( #6383 )
6 years ago
Aleksander Machniak
988ed7e565
Fix PHP warnings on dummy QUOTA responses in Courier-IMAP 4.17.1 ( #6374 )
6 years ago
Aleksander Machniak
4f2b795cd2
Fix doc for 3rd argument of rcube::deliver_message() ( #6353 )
6 years ago
Aleksander Machniak
cba1605949
Add http_only argument to rcube_utils::setcookie()
7 years ago
Aleksander Machniak
086e781b8f
Fix bug where some HTML comments could have been malformed by HTML parser ( #6333 )
7 years ago
Aleksander Machniak
fd7d7faabd
Improve checking folder delete rights according to RFC 4314
7 years ago
Aleksander Machniak
58e514970e
Add option to hide folders in share/other-user namespace or outside of the personal namespace root ( #5073 )
7 years ago
Aleksander Machniak
5e3868eb10
Fix so attachment without Content-ID is not an inline attachment ( #5905 )
7 years ago
Aleksander Machniak
e9d38e847c
Re-add setting error_log=syslog when log_driver=syslog
7 years ago
Aleksander Machniak
3d0b2cd3ce
Pass PEAR errors to rcube::raise_error(), small CS improvements
7 years ago
Aleksander Machniak
12b1b54792
Fix bug where after "mark all folders as read" action message counters were not reset ( #6307 )
...
also fixed one PHP 7.2 warning
7 years ago
Aleksander Machniak
6691756ea1
Fix bug where unicode contact names could have been broken/emptied or caused DB errors ( #6299 )
7 years ago
Aleksander Machniak
30ab2eec5f
Remove function_exists() checks for mbstring functions
7 years ago
Aleksander Machniak
4b97f40af9
Get rid of debug_level ( #6298 )
7 years ago
Aleksander Machniak
71eec07d25
Fix regression where some non-inline attachments could be not listed ( #6291 )
7 years ago
Aleksander Machniak
430c000e32
Support skin localization ( #5853 )
7 years ago
Aleksander Machniak
1247a8dd7d
Fix bug where some forbidden characters on Cyrus-IMAP were not prevented from use in folder names
7 years ago
Aleksander Machniak
0716d499bc
Fix bug where some escape sequences in html styles could bypass security checks
7 years ago
Edgaras L
c236c22c41
Parse all quotas from GETQUOTAROOT ( #6280 )
7 years ago
Aleksander Machniak
c0b9025215
Remove sample PHP configuration from .htaccess and .user.ini files ( #5850 )
...
Moved to https://github.com/roundcube/roundcubemail/wiki/Installation#php-configuration
7 years ago
Aleksander Machniak
63d3ad11fb
Use Masterminds/HTML5 parser for HTML5 support ( #5761 )
7 years ago
Aleksander Machniak
e79838aaac
Enigma: Disable autofill for new keypair password
7 years ago
Aleksander Machniak
dd3ea4ed2b
Fix extracting codepage
7 years ago
Aleksander Machniak
8a6a9e86ae
Fix handling of forwarded messages inside of a TNEF message ( #5632 )
7 years ago
Aleksander Machniak
a889f55c31
Fix PHP Warning: Use of undefined constant IDNA_DEFAULT on systems without php-intl ( #6244 )
7 years ago
Aleksander Machniak
b2bebe531a
Fix bug where usernames without domain part could be malformed or converted to lower-case on logon ( #6224 )
7 years ago
Aleksander Machniak
8df6d7c3e4
Fix regression in compressMessageSet() ( #6235 )
7 years ago
Aleksander Machniak
8b0540d402
Fix possible IMAP command injection and type juggling vulnerabilities ( #6229 )
7 years ago
Aleksander Machniak
df3878501c
Fix PHP 7.2: count(): Parameter must be an array in enchant-based spellchecker ( #6234 )
7 years ago
Aleksander Machniak
73ea8f94d0
Use htmlspecialchars() with charset argument, simplify some code
7 years ago
Aleksander Machniak
f36e23b778
Fix parsing date strings (e.g. from a Date: mail header) with comments ( #6216 )
7 years ago
Aleksander Machniak
2196f50437
Support redis_debug in the redis session driver
7 years ago
Aleksander Machniak
0f3ad342f7
Fix bug where some unix timestamps were not handled correctly by rcube_utils::anytodatetime() ( #6212 )
7 years ago
Aleksander Machniak
a451ad6599
Fix handling encoding of HTML tags in "inline" JSON output ( #6207 )
7 years ago
Aleksander Machniak
981cd8726d
Remove holes in cache index keys - makes the serialized representation shorter
7 years ago
Aleksander Machniak
1058924e21
Move some framework classes to sub-directories
7 years ago
Aleksander Machniak
d07b032bcd
Refactor cache code with separate engine-specific classes
7 years ago
Aleksander Machniak
fa06d37901
Merge branch 'feature/add_redis_as_cache' of https://github.com/ledgr/roundcubemail into ledgr-feature/add_redis_as_cache
7 years ago
Aleksander Machniak
6bfebc5e32
Add sanity check when auto-unsubscribing non-existing folders
7 years ago
Aleksander Machniak
1556eb01c7
Use JSON_UNESCAPED_UNICODE only on PHP >= 7.1.0 ( #6187 )
7 years ago
laodc
672e57ea48
Patched bug where rcube_db::quote() was causing an infinite connection loop. ( #6175 )
...
As rcube_db::quote() checks to see if the connection is up before quoting, this would cause the class to try connect again, as rcube_db::$dbh was not being set until AFTER conn_configure was completed, causing a loop.
So updated rcube_db::$dbh in the rcube::conn_create() function instead allowing access to the new object straight away.
It's needed for edeb5d7
.
7 years ago
Aleksander Machniak
a1be62b19d
Remove redundant trim()
7 years ago
Aleksander Machniak
9d2b303b51
Fix bug in remote content blocking on HTML image and style tags ( #6178 )
7 years ago
Aleksander Machniak
b46cd5de1d
Fix PHP Warning: exif_read_data(...): Illegal IFD size ( #6169 )
7 years ago
Edgaras Lukoševičius
e371469664
Add Redis as cache backend
7 years ago
laodc
edeb5d7ab4
Add support for PostgreSQL schemas in DSN ( #6150 )
...
If schema is set in the dsn, set search_path to the schema value.
Example:
$config['db_dsnw'] = 'pgsql://user:pass@localhost/dbname?schema=exampleschema';
7 years ago
Aleksander Machniak
4793ec753a
Remove double-quotes in filename* parameter of the Content-Disposition of downloads ( #5857 )
7 years ago
Aleksander Machniak
55e99398e1
Fix possible information leak - add more strict sql error check on user creation ( #6125 )
7 years ago
Aleksander Machniak
ce338164e3
Fix bug where contacts search could skip some records ( #6130 )
7 years ago
Richard Hillmann
59bbf6c081
Fix preg_match in guess_type function ( #6123 )
7 years ago
Aleksander Machniak
b172fb505c
Improve trusted_host_patterns code
7 years ago
Aleksander Machniak
4a5ca74724
Merge branch 'trusted-host-patterns' of https://github.com/dsoares/roundcubemail into dsoares-trusted-host-patterns
7 years ago
Daniel Kesselberg
a8d5547163
Update idn convertion methods ( #6115 )
...
* Add more test cases
* Update phpdoc
7 years ago
Aleksander Machniak
63a7d2313f
Improve SMTPUTF8 support and fix relaxed email validation issues
7 years ago
Aleksander Machniak
5665344673
Merge branch 'smtputf8' of https://github.com/jprjr/roundcubemail into jprjr-smtputf8
7 years ago
Aleksander Machniak
a2875cdda9
- Fix searching contacts by address in LDAP source ( #6084 )
7 years ago
Aleksander Machniak
c0959bd619
Sanity checks for header data length in FETCH ( #6087 )
...
Where we know what expected data length is we truncate the input.
7 years ago
Aleksander Machniak
3cdc8af297
Fix possible performance issue when parsing malformed and long Date header ( #6087 )
7 years ago
johndoh
05d1b1947e
Check for minified CSS files ( #6089 )
7 years ago
Aleksander Machniak
3488531b26
Fix PHP Warning: Use of undefined constant INTL_IDNA_VARIANT_UTS46 on servers without php-intl extension
7 years ago
Georgeto
161038ee87
Support additional connect parameters in PostgreSQL database wrapper ( #6071 )
...
Most notably this change enables you to specify whether or with what
priority a secure SSL TCP/IP connection will be negotiated with the
database server.
7 years ago
Aleksander Machniak
61a6666eee
Small CS fixes
7 years ago
Aleksander Machniak
ca39a4e093
Fix PHP warning "idn_to_utf8(): INTL_IDNA_VARIANT_2003 is deprecated" with PHP 7.2 ( #6075 )
7 years ago
Aleksander Machniak
36638ec0c2
Fix untagged COPYUID responses handling - again ( #5982 )
7 years ago
Aleksander Machniak
9ce8948294
Get rid of the 2nd argument of include_stylesheet()
...
.. make the optional behavior default now.
7 years ago
Aleksander Machniak
1cf72fa2b6
Allow plugins to include Less files ( #6051 )
7 years ago
Aleksander Machniak
c6b2d8bead
Merge branch 'dev-elastic'
7 years ago
Aleksander Machniak
4cb7713520
Fix checking table columns when there's more schemas/databases in postgres/mysql ( #6047 )
7 years ago
Aleksander Machniak
a6c37b7735
Fix broken long filenames when using imap4d server - workaround server bug ( #6048 )
7 years ago
Aleksander Machniak
eed4be3ba6
Display value of the SMTP message size limit in the error message ( #6032 )
7 years ago
Aleksander Machniak
4dc1f3b757
Use configured log_file_ext also for errors thrown by PHP ( #6035 )
7 years ago
Aleksander Machniak
910c735b87
Merge branch 'master' into dev-elastic
7 years ago
Aleksander Machniak
a0374f3c45
Fix mangled non-ASCII characters in links in HTML messages ( #6028 )
7 years ago
Aleksander Machniak
23af0b7f36
Merge branch 'master' into dev-elastic
7 years ago
dsoares
5282cbaff9
Check against trusted_host_patterns in rcube_utils::parse_host()
7 years ago
Aleksander Machniak
0f4f85e097
Skip redundant INSERT query on successful logon when using PHP7
...
Since PHP 7.0 session_regenerate_id() will cause the old session data update.
This is redundant INSERT query and also produces a record for the session
we don't need anymore.
7 years ago
Aleksander Machniak
ef0982f1b8
Merge branch 'master' into dev-elastic
7 years ago
dsoares
50a9c8f777
Add option trusted_host_patterns
7 years ago
JohnDoh
515d496808
Replace display_version with display_product_info ( #5904 )
7 years ago
Aleksander Machniak
e21ab984bc
Skip <span> wrappers in html_table that is a <ul> list
7 years ago
Aleksander Machniak
d815525c6a
Merge branch 'master' into dev-elastic
7 years ago
Brendan Braybrook
4574870adc
fix: unknown content-disposition type should be treated as attachment ( #6002 )
7 years ago