Commit Graph

207 Commits (e35eab5f946fbdca688040da61d33a1a4153f968)

Author SHA1 Message Date
Aleksander Machniak d01f9fc7f5 Add option (disabled_actions) to disable UI elements/actions (#1489638) 10 years ago
Thomas Bruederli 7e7e451b66 Warn for unsent/unsaved message when closing compose window; remove localStorage copy if page was left intentionally but not on session errors (#1489818) 11 years ago
Aleksander Machniak d19a9b35cc Remove obsolete code that disables session check on 'send' action 11 years ago
Aleksander Machniak ba5c53e5c3 Send X-UA-Compatible as HTTP header instead of meta tag 11 years ago
Aleksander Machniak b360f707e8 Small code improvement 11 years ago
Aleksander Machniak 65f59fa3c6 Bump version number to 1.1-git 11 years ago
Aleksander Machniak 8d3d5b42b7 Prevent from "Call to undefined method rcmail_output_json::add_footer()" error 11 years ago
Aleksander Machniak 0301d9347f CS fixes 11 years ago
Thomas Bruederli 85e60ada15 First version of the local storage compose data saving feature; some behavioral improvements and encrytion are still to be added 11 years ago
Thomas Bruederli b461a2d72e Send last fetch time with 'refresh' requests and allow plugins to alter query parameters of http requests 11 years ago
Aleksander Machniak 060467df9d Log also failed logins to userlogins log 11 years ago
Thomas Bruederli deb2b8d080 Allow to load config files for different environments (#1487311); keep (non-default) filename in URLs throughout the webmail app 12 years ago
Aleksander Machniak a544971fe8 Fix error when using check_referer=true 12 years ago
Aleksander Machniak bb080af14d Bump version number up to 1.0-git 12 years ago
Thomas Bruederli 18e23ab763 Welcome to 2013 12 years ago
Aleksander Machniak a95687cfe8 Plugin API: Add 'refresh' hook 12 years ago
Aleksander Machniak 77de23fa93 Added cross-task 'refresh' request for system state updates 12 years ago
Aleksander Machniak b807084a6b - Fix (disable) request validation for spell and spell_html actions
Consider action whitelist also for ajax requests
12 years ago
Aleksander Machniak 2bbc3da52a - Check request tokens also in devel_mode 12 years ago
Aleksander Machniak 1c0ce1fe52 Plugin API: Add 'unauthenticated' hook (#1488138) 13 years ago
Aleksander Machniak 7c8fd80310 Show explicit error message when provided hostname is invalid (#1488550) 13 years ago
Aleksander Machniak 041c93ce0b Removed $Id$ 13 years ago
Brian Ronald b546b0dcfd Also, the license comments 13 years ago
alecpl d2191c619f - Fix redirect to mail/compose on re-login (1488226) 13 years ago
alecpl 1aceb9cec8 - Framework refactoring (I hope it's the last one):
rcube,rcmail,rcube_ui -> rcube,rcmail,rcube_utils
  renamed main.inc into rcube_bc.inc
13 years ago
alecpl 0c259682f6 - Merge devel-framework branch, resolved conflicts 13 years ago
thomascube 7fe3811c65 Changed license to GNU GPLv3+ with exceptions for skins and plugins 13 years ago
thomascube c321a955a7 Merged devel-framework branch (r5746:5779) back into trunk 13 years ago
alecpl fdff34093d - Move some checks into login() method 13 years ago
alecpl b6da0b76af - Remove deprecated global $IMAP variable usage (#1488148) 13 years ago
alecpl 80216d0b79 - Change version number to 0.8-svn 13 years ago
thomascube abdf31486a Allow cross-task ajax requests 13 years ago
alecpl 3703021713 - Plugin API: added 'ready' hook (#1488073) 13 years ago
thomascube 502436dad0 We're on the road towards 0.7 now 13 years ago
alecpl 9e54e6fd45 - Make the whole PHP output non-cacheable (#1487797) 13 years ago
thomascube 6354da5b8c Fix r5117: don't show error on default login page 13 years ago
thomascube 886aafe167 Don't rely on rcmail->task for session error check; use _REQUEST data instead 13 years ago
thomascube 94c0743cba Don't show session error message on logout 13 years ago
thomascube fcc7f861b1 Log session validation errors; keep error message when redirecting to login after session error 13 years ago
thomascube 28ac5cada2 Let plugins hook into keep-alive requests 14 years ago
thomascube 87e58c7a92 Default action for plugin tasks is 'index' 14 years ago
alecpl 4351f7cd66 - Improve performance by including files with absolute path (#1487849) 14 years ago
thomascube ec045b0a24 Revert r4609 and use stateless request tokens; no need to save them in session and thus no keep-alive necessary; fixes #1487829 14 years ago
thomascube 32b11d325e Keep session alive while showing login page (request token is stored in session data) 14 years ago
alecpl 4cfe66f42f - small code cleanup 14 years ago
alecpl c294eaa3f2 - Performance improvement: Remove redundant DELETE query (for old session deletion) on login 14 years ago
thomascube de62f02eed Also check referer on logout action 14 years ago
thomascube a77cf2292b Add optional referer check to prevent CSRF in GET requests 14 years ago
thomascube 784a425e07 protect login form submission from CSRF using a request token 14 years ago
thomascube cf2da2f9aa Improve session validity check with changing auth cookies; reduce writes to DB; better phpdoc 14 years ago