Commit Graph

16 Commits (d204814a39509a9709f9e4cb60ef52ff501d530d)

Author SHA1 Message Date
Aleksander Machniak 681ba6fc3c Improve system security by using optional special URL with security token
Allows to define separate server/path for image/js/css files
Fix bugs where CSRF attacks were still possible on some requests
10 years ago
Thomas Bruederli 2e713d00f5 Set comm_path env variable after reset 10 years ago
Aleksander Machniak c97625e02a CS fixes 11 years ago
Thomas Bruederli e46d060a4a Fix errors in error page :-) 11 years ago
Thomas Bruederli 95d2892686 Fix HTTP User-Agent XSS vulnerability (#1488737) 12 years ago
Aleksander Machniak b97d0e11b5 Fix empty user agent string on error page for "incompatible browser" error 13 years ago
Aleksander Machniak 041c93ce0b Removed $Id$ 13 years ago
alecpl 0c259682f6 - Merge devel-framework branch, resolved conflicts 13 years ago
thomascube 1e09cd0811 Slighlty increase minimum browser requirements 13 years ago
thomascube 7fe3811c65 Changed license to GNU GPLv3+ with exceptions for skins and plugins 13 years ago
alecpl d7b35c22af - Fix usage of non-standard HTTP error codes (#1487797) 14 years ago
thomascube a77cf2292b Add optional referer check to prevent CSRF in GET requests 14 years ago
thomascube f5e7b35307 Bumbed version; Roundcube development is not Switzerland only 14 years ago
alecpl e019f2d0f2 - s/RoundCube/Roundcube/ 14 years ago
alecpl b25dfd0913 - removed PHP closing tag 15 years ago
alecpl 24c91ed78e - Moved error.inc to /utils
- Removed bugs.inc (content copied into main.inc)
15 years ago