Commit Graph

53 Commits (d1bf0feed4db67adacbec1148d1ac15b9e1a68c2)

Author SHA1 Message Date
Aleksander Machniak 681ba6fc3c Improve system security by using optional special URL with security token
Allows to define separate server/path for image/js/css files
Fix bugs where CSRF attacks were still possible on some requests
10 years ago
Thomas Bruederli 2e713d00f5 Set comm_path env variable after reset 10 years ago
Aleksander Machniak 34a0902089 Use consistent column/table quoting in sql queries 10 years ago
Aleksander Machniak 731d190fec Merge branch 'tinymce4'
Conflicts:
	program/js/app.js
	program/js/editor.js
	program/js/tiny_mce/tiny_mce.js
	program/steps/utils/spell_html.inc
11 years ago
Aleksander Machniak 2f1a81fa40 Bring back "Add To Dictionary" feature 11 years ago
Aleksander Machniak efc470f0ac Merge branch 'dev-text2html'
Conflicts:
	program/js/app.js

Fix handling magic_quotes in rcube_text2html and rcube_html2text - move
stripslashes from these classes to action files
11 years ago
Aleksander Machniak eda92ed4c0 Improved display of plain text messages and text to HTML conversion (#1488937)
Now instead of <pre> we use <div class="pre"> styled with monospace
font. We replace whitespace characters with non-breaking spaces where
needed. I.e. plain text is always unwrappable, until it uses format=flowed,
in such a case only flowed paragraphs are wrappable.

Also conversion of text to HTML in compose editor was modified in the same way.
11 years ago
Aleksander Machniak 60a67f52ad Don't use $HTTP_RAW_POST_DATA deprecated in PHP 5.6 11 years ago
Aleksander Machniak f41912e4cb Allow <> characters in spellchecking text 11 years ago
Aleksander Machniak 89d6ce6846 Update to TinyMCE 4.x 11 years ago
Aleksander Machniak a54cff4c56 Fix error when spell-checking an empty text (#1489831) 11 years ago
Aleksander Machniak fbe5bc9ba2 CS fixes 11 years ago
Steffen185 6446d0ac97 modcss.inc: Fixed CS 11 years ago
Steffen185 add515bc74 Make modcss.inc work with allow_url_fopen = Off
Alternatively use the PHP cURL extension
11 years ago
Aleksander Machniak c97625e02a CS fixes 11 years ago
Aleksander Machniak 6b2b2eca5f Remove deprecated functions (these listed in bc.php file) usage 11 years ago
Thomas Bruederli e46d060a4a Fix errors in error page :-) 11 years ago
Thomas Bruederli c344b64f13 Get supported spell-check languages from the configured backend; replace suspended google spell service with our new service at spell.roundcube.net 11 years ago
Aleksander Machniak 70c7df8faa Fix vulnerability in handling _session argument of utils/save-prefs (#1489382) 11 years ago
Thomas Bruederli c58cb8aa95 Strip spell checker error message for logging; remove unused sprintf() 11 years ago
Aleksander Machniak cfe2fc8b30 Log spellchecker error also in html mode 12 years ago
Thomas Bruederli b15cc7d6f4 Check Google spell check service response for errors and report them accordingly 12 years ago
Aleksander Machniak 648fcf5709 Whitelist configuration options (user preferences) that can be changed using save-pref command 12 years ago
Aleksander Machniak 66afd70b75 Framework'ize html2text class 12 years ago
Thomas Bruederli c72a96144d Improve line wrapping behavior where message charset is changed by plugins (including html2plaintext conversion) 12 years ago
Thomas Bruederli 95d2892686 Fix HTTP User-Agent XSS vulnerability (#1488737) 12 years ago
Aleksander Machniak cd482ebce6 Fix SQL errors handling 12 years ago
Aleksander Machniak 2b992c5683 Remove unused variable 12 years ago
Aleksander Machniak 2b21b97ef0 Use file_get_contents() to make code simpler and to fix possible infinite loop 13 years ago
Aleksander Machniak b97d0e11b5 Fix empty user agent string on error page for "incompatible browser" error 13 years ago
Aleksander Machniak 041c93ce0b Removed $Id$ 13 years ago
alecpl 0c259682f6 - Merge devel-framework branch, resolved conflicts 13 years ago
thomascube 1e09cd0811 Slighlty increase minimum browser requirements 13 years ago
thomascube 7fe3811c65 Changed license to GNU GPLv3+ with exceptions for skins and plugins 13 years ago
alecpl 6807865d76 - Update killcache with new cache tables 13 years ago
alecpl 66df084203 - Merge devel-spellcheck branch:
- Added spellchecker exceptions dictionary (shared or per-user)
  - Added possibility to ignore words containing caps, numbers, symbols (spellcheck_ignore_* options)
13 years ago
alecpl b4edf78e4b - Provided rcube_spellchecker class, simplified code in utils task (less spell* files) 14 years ago
alecpl d7b35c22af - Fix usage of non-standard HTTP error codes (#1487797) 14 years ago
alecpl 8b2c23d603 - Use \n as a word separator to workaround some strange Google spellchecker issue 14 years ago
thomascube a77cf2292b Add optional referer check to prevent CSRF in GET requests 14 years ago
thomascube 3e0e9148ef Prevent from relaying arbitrary requests through modcss.inc (security issue) 14 years ago
thomascube f5e7b35307 Bumbed version; Roundcube development is not Switzerland only 14 years ago
alecpl 7472893512 - Fix plaintext versions of HTML messages don't contain placeholders for emotions (#1485206) 14 years ago
alecpl 11bcac5802 - Fix HTML to plain text conversion doesn't handle citation blocks (#1486921) 14 years ago
alecpl e019f2d0f2 - s/RoundCube/Roundcube/ 14 years ago
alecpl ffc040bf9e - update ID keyword 14 years ago
alecpl 614c642a4b - Fix list_cols is not updated after column dragging (#1486999)
- Improved save-pref action and moved to separate file in utils task directory
- Improved http_post/http_request to support first argument in form 'task/action'
14 years ago
thomascube 52c0f7626c Strip protocol from hostname in HTTP headers (#1486868) 14 years ago
alecpl 9ed374bbe1 - fix for empty suggestions result 15 years ago
alecpl f4f6291ec1 - Use built-in spellchecker instead of a PHP files of spellchecker plugin in TinyMCE 15 years ago