Aleksander Machniak
|
e17fcf1649
|
Support ALLOW-FROM in x_frame_options (#5122)
|
8 years ago |
Aleksander Machniak
|
d02e6ea45e
|
Fix so templating system does not mess with external (e.g. email) content (#5499)
|
8 years ago |
Aleksander Machniak
|
edea8732a6
|
Fix regression where UI object could be not created on some pages (#5484)
|
8 years ago |
Aleksander Machniak
|
f43f5bf93f
|
Use JSON_PRETTY_PRINT in devel_mode
This effectively makes PHP 5.4 a real requirement
|
8 years ago |
Aleksander Machniak
|
638afafbd2
|
Make so rcmail.log() depends on devel_mode (#5193)
|
8 years ago |
Victor Benincasa
|
daeb66ee99
|
Fix login form
Fix a small bug introduced on commit 43f3c5f that breaks the login form ($attrib['form'] is checked at line 1899, so it cannot be unset).
|
8 years ago |
Aleksander Machniak
|
43f3c5fb2a
|
Implement "one click" attachment upload (#5024)
|
8 years ago |
Aleksander Machniak
|
184de7735c
|
CS fixes (mostly phpdoc)
|
8 years ago |
Thomas Bruederli
|
4a408843b0
|
Protect download urls against CSRF using unique request tokens (#1490642)
Send X-Frame-Options headers with every HTTP response
|
9 years ago |
Aleksander Machniak
|
10e5192a2b
|
Fix path traversal vulnerability in setting a skin (#1490620)
|
9 years ago |
dsoares
|
234fd19505
|
Replace deprecated call to Q within array_map()
|
9 years ago |
Aleksander Machniak
|
93e64008a6
|
Small code improvements
|
9 years ago |
Aleksander Machniak
|
252cc4c4ac
|
Password: Allow temporarily disabling the plugin functionality with a notice
|
9 years ago |
Aleksander Machniak
|
a958748947
|
CS fixes
|
10 years ago |
Thomas Bruederli
|
0bd99db08d
|
Localize common error messages; improve explanation for CSRF check failures
|
10 years ago |
Aleksander Machniak
|
681ba6fc3c
|
Improve system security by using optional special URL with security token
Allows to define separate server/path for image/js/css files
Fix bugs where CSRF attacks were still possible on some requests
|
10 years ago |
Thomas Bruederli
|
8d526c4938
|
Fix skin path handling in plugin context (#1488967):
The plugin skin directories are removed again from the search path after parsing of a plugin template has finished.
|
10 years ago |
Aleksander Machniak
|
1ffab0ad4a
|
Fix possible issues in skin/skin_path config handling (#1490125)
|
10 years ago |
Thomas Bruederli
|
8ef203827f
|
Make noshow attribute for roundcube:label tags actually work as supposed
|
10 years ago |
Aleksander Machniak
|
d01f9fc7f5
|
Add option (disabled_actions) to disable UI elements/actions (#1489638)
|
10 years ago |
Aleksander Machniak
|
ef51ae6d19
|
Reset also page header/footer on "dummy frames" - to prevent js error e.g. if some script depends on jQuery
|
11 years ago |
Aleksander Machniak
|
19138ef7a9
|
Make sure set_env and add_label commands are always sent first - other commands might depend on them.
Fixes loading message in managesieve filters frame.
|
11 years ago |
Thomas Bruederli
|
99cdca46b7
|
Merge branch 'dev-accessibility'
Conflicts:
program/include/rcmail_output_html.php
program/js/app.js
program/js/treelist.js
program/lib/Roundcube/html.php
skins/larry/styles.css
skins/larry/templates/compose.html
|
11 years ago |
Thomas Bruederli
|
d58c39126f
|
Some more improvemements on content structure, text representation and keyboard navigation within the mail view
|
11 years ago |
Thomas Bruederli
|
22a2c5e0ee
|
Localize title and summary attributes; make message count display box a live area
|
11 years ago |
Aleksander Machniak
|
2441264d00
|
Improved folders sorting by name - use Intl.Collator if supported
|
11 years ago |
Aleksander Machniak
|
ffc74814c1
|
Optimize "empty" framed pages size (#1489792)
|
11 years ago |
Aleksander Machniak
|
8f57ce136b
|
Code improvements
|
11 years ago |
Aleksander Machniak
|
7079110c61
|
Allow data-* attributes (#1489860)
|
11 years ago |
Thomas Bruederli
|
ea0866a1ad
|
Improve keyboard navigation on compose screen: define tabindex groups + enable keyboard controls of contacts list widget
|
11 years ago |
Thomas Bruederli
|
184ed2efe2
|
Declare content language for proper text-to-speech support
|
11 years ago |
Thomas Bruederli
|
b0ce5c62af
|
Make skin meta/hierarchy information accessible for plugins (#1488831)
|
11 years ago |
Thomas Bruederli
|
e8bcf08c72
|
1. Prepare core and Larry skin for improved accessibility
2. Implement full keyboard navigation in main mail view
|
11 years ago |
Thomas Bruederli
|
b34d679075
|
Specify licenses in all javascript files and blocks to please LibreJS
|
11 years ago |
Aleksander Machniak
|
5be6dcf0e2
|
Remove useless debug_level=8 and javascripts's rcube_console
|
11 years ago |
Aleksander Machniak
|
904fec7505
|
Add id for login submit button (#1489676) - make it skin independent
|
11 years ago |
Aleksander Machniak
|
5e8da2b5c9
|
Added toolbar button to move message in message view
|
11 years ago |
Thomas Bruederli
|
9ba4967a73
|
Create class documentation with latest phpdoc utility
|
11 years ago |
Aleksander Machniak
|
0301d9347f
|
CS fixes
|
11 years ago |
Aleksander Machniak
|
c562a31681
|
Improved minified files handling, added css minification (#1486988)
|
11 years ago |
Aleksander Machniak
|
538e64c572
|
Fix Closure-compiler warnings, small code improvements
|
11 years ago |
Thomas Bruederli
|
e46d060a4a
|
Fix errors in error page :-)
|
11 years ago |
Thomas Bruederli
|
59cdb433a6
|
Avoid duplicate elements with the same id in HTML. Fixes broken icons in classic skin.
|
11 years ago |
Thomas Bruederli
|
98b7b548a2
|
Merge branch 'dev-canned-responses'
Conflicts (resolved):
skins/classic/includes/settingstabs.html
skins/larry/includes/settingstabs.html
|
11 years ago |
Aleksander Machniak
|
e2f90dbd4e
|
Do not add css files to the page when body is empty, e.g. upload iframes
|
11 years ago |
Thomas Bruederli
|
c49c35ca0f
|
Generate settings tabs with a template object 'settingstabs' and let plugins register themselves there using the 'settings_actions' hook
|
11 years ago |
Thomas Bruederli
|
0933d66b59
|
Keep current selection on IE browsers by adding unselectable=on to link elements
|
11 years ago |
PhilW
|
fb4474aca9
|
only call config->get() once
|
11 years ago |
PhilW
|
d81d69377a
|
use template file name rather than special attribute
|
11 years ago |
PhilW
|
a77504aeac
|
allow different logos for different functions (eg. normal and print)
|
11 years ago |