Aleksander Machniak
|
b8e51b9d2f
|
Remove redundant trim()
|
7 years ago |
Aleksander Machniak
|
24dcdb5414
|
Fix bug in remote content blocking on HTML image and style tags (#6178)
|
7 years ago |
Aleksander Machniak
|
472e48ff0d
|
Fix possible performance issue when parsing malformed and long Date header (#6087)
|
7 years ago |
Aleksander Machniak
|
cdf7a88b3e
|
Fix PHP Warning: Use of undefined constant INTL_IDNA_VARIANT_UTS46 on servers without php-intl extension
|
7 years ago |
Aleksander Machniak
|
a315f2b16d
|
Fix PHP warning "idn_to_utf8(): INTL_IDNA_VARIANT_2003 is deprecated" with PHP 7.2 (#6075)
|
7 years ago |
Thomas Bruederli
|
3762dba408
|
Fix rcube_utils::random_bytes() to not throw exception for length=0
|
7 years ago |
Aleksander Machniak
|
972be07a41
|
Fix (again) bug where image data URIs in css style were treated as evil/remote in mail preview (#5580)
|
7 years ago |
Aleksander Machniak
|
39fa590bad
|
Fix bug where HTML messages with @media styles could moddify style of page body (#5811)
|
8 years ago |
Aleksander Machniak
|
2c6cc41c8f
|
Fix uninitialized string offset in rcube_utils::bin2ascii() and make sure rcube_utils::random_bytes() result has always requested length (#5788)
|
8 years ago |
Aleksander Machniak
|
dade481658
|
Fix bug where comment notation within style tag would cause the whole style to be ignored (#5747)
|
8 years ago |
Aleksander Machniak
|
41c70e162b
|
Fix conflict with _gid cookie of Google Analytics (#5748)
TODO: Review the whole code base and don't use INPUT_GPC when it's not really needed,
in most cases we should not read $_COOKIE.
|
8 years ago |
Thomas Bruederli
|
bf21557873
|
Better fix for XSS in style tags (b59ff5ca )
|
8 years ago |
Aleksander Machniak
|
05aae4711c
|
Replace xss_entity_decode_callback() method with lambda function
|
8 years ago |
Aleksander Machniak
|
b59ff5cafb
|
Fix XSS issue in handling of a style tag inside of an svg element
|
8 years ago |
Aleksander Machniak
|
81f67a4de2
|
Don't use each() deprecated in PHP 7.2
|
8 years ago |
Aleksander Machniak
|
dfd19206a4
|
sizeof() -> count()
|
8 years ago |
Aleksander Machniak
|
7340360e79
|
Fix bug where image data URIs in css style were treated as evil/remote in mail preview (#5580)
|
8 years ago |
Aleksander Machniak
|
4e0532808d
|
Fix bug where it wasn't possible to store more that 2MB objects in memcache/apc (#5452)
Added memcache_max_allowed_packet and apc_max_allowed_packet settings
|
8 years ago |
Aleksander Machniak
|
195dc11855
|
Support host-specific imap_conn_options/smtp_conn_options/managesieve_conn_options (#5136)
|
8 years ago |
Aleksander Machniak
|
dcabc1d814
|
Merge remote-tracking branch 'upstream/master'
Conflicts:
tests/Framework/Washtml.php
|
8 years ago |
Aleksander Machniak
|
c3fc072d97
|
Remove code related to magic_quotes_* and register_globals
...they do not exist in PHP 5.4 which we now require.
|
8 years ago |
Aleksander Machniak
|
906cf101c3
|
Better time handling in rcube_utils::clean_datestr()
|
8 years ago |
Aleksander Machniak
|
ec1525a1e6
|
Remove debug code
|
8 years ago |
Aleksander Machniak
|
ed35267b9b
|
Managesieve: Fix parsing of vacation date-time with non-default date_format (#5372)
Added new method rcube_utils::format_datestr() to convert date_format date
into ISO date format.
|
8 years ago |
Aleksander Machniak
|
f2eafda539
|
Fix bug where microsecond format in logged date didn't work in some cases
|
9 years ago |
Aleksander Machniak
|
d61d33a12a
|
Fix handling of --delete argument in moduserprefs.sh script (#5296)
|
9 years ago |
Aleksander Machniak
|
6737e293bb
|
Wash position:fixed style in HTML mail for better security (#5264)
|
9 years ago |
Aleksander Machniak
|
cbe701ac4a
|
Fix rcube_utils::words_match() to work with mixed/invalid/binary content (T844)
|
9 years ago |
Aleksander Machniak
|
7e3298753a
|
Use ternary operator where aplicable
|
9 years ago |
Aleksander Machniak
|
a03233ceba
|
CS fixes
|
9 years ago |
Aleksander Machniak
|
b2b9b591ce
|
Fix handling random_bytes() errors in PHP 7.0.0RC3
|
9 years ago |
Aleksander Machniak
|
e85bbc9e9c
|
random_bytes() can throw an exception in some cases, since PHP 7.0.0rc3
|
9 years ago |
Aleksander Machniak
|
26086981a2
|
Improve randomness of security tokens (#1490529)
|
9 years ago |
Aleksander Machniak
|
f00e1f5333
|
CS fixes
|
9 years ago |
Aleksander Machniak
|
7a42173a16
|
Simplify rcube_utils::check_ip()
|
9 years ago |
Aleksander Machniak
|
6b31846c43
|
Fix IPv6 address validation on PHP with disabled IPv6 support
|
9 years ago |
Aleksander Machniak
|
93e64008a6
|
Small code improvements
|
9 years ago |
Aleksander Machniak
|
8447bae77c
|
Require Mbstring and OpenSSL extensions (#1490415) - remove redundant code
|
10 years ago |
Aleksander Machniak
|
9aae1b7fc3
|
Fix so microseconds macro (u) in log_date_format works (#1490446)
|
10 years ago |
Aleksander Machniak
|
a958748947
|
CS fixes
|
10 years ago |
Aleksander Machniak
|
3994b3a26c
|
Installer: Use openssl_random_pseudo_bytes() (if available) to generate des_key (#1490402)
|
10 years ago |
Thomas Bruederli
|
c32998084d
|
Add untility function to match strings ignoring word order
|
10 years ago |
Thomas Bruederli
|
e8b82c2e7b
|
Fix rcube_utils::normalize_string() to support unicode characters + add argument for minimum token length
|
10 years ago |
Thomas Bruederli
|
09c58d1add
|
Make rcube_utils::strtotime() timezone aware (#1490163)
|
10 years ago |
Aleksander Machniak
|
787a421846
|
Fix rcube_utils::anytodatetime() with no timezone specified
|
10 years ago |
Aleksander Machniak
|
848e204ef9
|
Fix validation of email addresses with IDNA domains (#1490067)
|
10 years ago |
Aleksander Machniak
|
29c24e647c
|
Get rid of DIRECTORY_SEPARATOR for consistency
|
10 years ago |
Aleksander Machniak
|
5f58127eae
|
Added rcube_utils::resolve_url()
|
10 years ago |
Aleksander Machniak
|
75bbada03b
|
Remove code for PHP<5.3, use PHP_VERSION_ID instead of version_compare() for version checks
|
10 years ago |
Thomas Bruederli
|
cc850263d4
|
Add optional timezone argument for date conversion
|
10 years ago |