Thomas Bruederli
54a3712ada
Modify links in html messages during Washtml DOM traversal
...
This is a more safe approach than using regex and mitigates
possible vulnerabilities using malformed html markup.
7 years ago
Thomas Bruederli
fb43d2e608
Escape textarea contents in Washtml
7 years ago
Aleksander Machniak
9bfacb4d3c
Fix bug where comment notation within style tag would cause the whole style to be ignored ( #5747 )
8 years ago
Aleksander Machniak
1568bd9e04
Fix bug where external content in src attribute of input/video tags was not secured ( #5583 )
8 years ago
Aleksander Machniak
f90f22ffb8
Fix bug where image data URIs in css style were treated as evil/remote in mail preview ( #5580 )
8 years ago
Aleksander Machniak
fcf1a988a1
Wash position:fixed style in HTML mail for better security ( #5264 )
8 years ago
Aleksander Machniak
fa0769dc0e
Better time handling in rcube_utils::clean_datestr()
8 years ago
Aleksander Machniak
4624b22967
Managesieve: Fix parsing of vacation date-time with non-default date_format ( #5372 )
...
Added new method rcube_utils::format_datestr() to convert date_format date
into ISO date format.
8 years ago
Aleksander Machniak
9fe1cf16b3
Fix handling of blockquote tags with mixed case on html2text conversion ( #5363 )
8 years ago
Aleksander Machniak
12b7d5f1b5
Fix XSS issue in href attribute on area tag ( #5240 , #5241 )
9 years ago
Aleksander Machniak
a0f38f5fd8
Small code style improvements
9 years ago
Aleksander Machniak
e8ab3d96bd
Fix converting mail addresses with @www. into mailto links ( #5197 )
9 years ago
Aleksander Machniak
ed1d212ae2
Improved SVG cleanup code
9 years ago
Aleksander Machniak
cbe701ac4a
Fix rcube_utils::words_match() to work with mixed/invalid/binary content (T844)
9 years ago
Aleksander Machniak
9234903287
Fix HTML sanitizer to skip <!-- node type X --> in output ( #1490583 )
9 years ago
Aleksander Machniak
26086981a2
Improve randomness of security tokens ( #1490529 )
9 years ago
Aleksander Machniak
a63f14ec40
Emoticons-related code refactoring
...
- Emoticons: All emoticons-related functionality is handled by the plugin now
- Emoticons: Added option to switch on/off emoticons in compose editor (#1485732 )
- Emoticons: Added option to switch on/off emoticons in plain text messages
- Plugin API: Added disabled_plugins an disabled_buttons options in html_editor hook
- Plugin API: Added html2text hook
9 years ago
Aleksander Machniak
7a42173a16
Simplify rcube_utils::check_ip()
9 years ago
Aleksander Machniak
f4c512336d
Fix "washing" of style elements wrapped into many lines
9 years ago
Aleksander Machniak
1b39d9a6c7
PHP7: Fixed some E_WARNING errors that previously were E_STRICT
9 years ago
Aleksander Machniak
1b8ca08e5b
Added GSSAPI/Kerberos authentication plugin - krb_authentication
9 years ago
Aleksander Machniak
2d73205ec8
Skip rcube_ldap_generic test if Net_LDAP3 is not available
9 years ago
Aleksander Machniak
8447bae77c
Require Mbstring and OpenSSL extensions ( #1490415 ) - remove redundant code
10 years ago
Aleksander Machniak
f7427f151e
Get rid of Mail_mimeDecode package dependency ( #1490416 )
10 years ago
Aleksander Machniak
25c8fe4eeb
Fix handling of non-break spaces in html to text conversion ( #1490436 )
10 years ago
Aleksander Machniak
ff40683404
Fix so links with href == content aren't added to links list on html to text conversion ( #1490434 )
10 years ago
Thomas Bruederli
c5ca818118
Adapt washtml test to pass with different versions of iconv (i.e. on CentOS7)
10 years ago
Thomas Bruederli
7eefdc8149
Adapt charset cleanup tests to pass with different versions of iconv propucing slightyl different output
10 years ago
Thomas Bruederli
9311fea09b
Add utility functiion to get an elemet's text content also when running tests in PhantomJS
10 years ago
Aleksander Machniak
3994b3a26c
Installer: Use openssl_random_pseudo_bytes() (if available) to generate des_key ( #1490402 )
10 years ago
Thomas Bruederli
68ca963319
Use the right syntax for group assignments
10 years ago
Thomas Bruederli
b5f64294a8
Tag more tests with @mbstring
10 years ago
Thomas Bruederli
0bfc862283
Specify test groups for inclusion/exclusion
10 years ago
Aleksander Machniak
c4ad7edd53
Fix font artifacts in text2html conversion ( #1490353 )
...
Use white-space:nowrap elements instead of unicode word-joiner character
10 years ago
Thomas Bruederli
91f2171e85
Use the right properties from rcube_db::parse_dsn() result
10 years ago
Thomas Bruederli
2fece8372e
Allow selenium tests to use explicit login credentials
10 years ago
Thomas Bruederli
0d4d43375c
Support tests running with an sqlite database
10 years ago
Thomas Bruederli
28b1cb04b6
Add more utility functions to prepare the IMAP account used for testing
10 years ago
Thomas Bruederli
f7c5f44ffb
Populate IMAP test account with sample message and test its listing in Selenium tests
10 years ago
Aleksander Machniak
389f70996c
Skip some tests on PHP 5.3.3
10 years ago
Aleksander Machniak
f7565da34b
Add some more tests for rcube_charset::clean()
10 years ago
Aleksander Machniak
eb58b6c537
Fix failing rcube_utils::strtotime() test if system timezone was different than expected
10 years ago
Aleksander Machniak
d86ff98339
Fix font artifact in Google Chrome on Windows ( #1490353 )
10 years ago
Aleksander Machniak
53cbebf8ad
Fix handling spaces after <br> on html2text conversion
10 years ago
Aleksander Machniak
496972bf95
Fix backtick character handling in sql queries ( #1490312 )
10 years ago
Aleksander Machniak
13e0a6556f
Fix handling of some improper constructs in format=flowed text as per the RFC3676[4.5] ( #1490284 )
10 years ago
Aleksander Machniak
786aa0725e
Fix XSS issue in style attribute handling ( #1490227 )
10 years ago
Aleksander Machniak
d204814a39
Fix test for blocked.gif according to recent changes
10 years ago
Thomas Bruederli
e8b82c2e7b
Fix rcube_utils::normalize_string() to support unicode characters + add argument for minimum token length
10 years ago
Thomas Bruederli
09c58d1add
Make rcube_utils::strtotime() timezone aware ( #1490163 )
10 years ago