Commit Graph

7175 Commits (ef721fc430fbb19da13060105577bf7605606b81)
 

Author SHA1 Message Date
Felix Eckhofer ef721fc430 Add config variable 'proxy_whitelist'
HTTP headers X_FORWARDED_* and X_REAL_IP are only evaluated when
received from an IP listed in proxy_whitelist. Furthermore, only the
last non-trusted IP from X-Forwarded-For is used in place of the real
ip.

Without this, an attacker can easily spoof the headers and control the
result of the ip or ssl check.

This fixes several problems with [3a4c9f42], [4d480b36] and [a520f331] as
mentioned in #1489729.
11 years ago
Felix Eckhofer 3fca238554 Fix typo in comment 11 years ago
Aleksander Machniak e435d3b120 Fix fatal error in database_attachments plugin under some conditions (#1489726) 11 years ago
Aleksander Machniak bee1e18966 Skip IMAP SORT request if folder is empty 11 years ago
Aleksander Machniak 1597c8a0c2 Make sure parent folder selector always contains parent folder
of current folder, even if it does not exist
11 years ago
Aleksander Machniak fbe5bc9ba2 CS fixes 11 years ago
Aleksander Machniak 2369305ad8 Merge pull request #167 from Steffen185/allow_url_fopen_off
Make modcss.inc work with allow_url_fopen = Off
11 years ago
Aleksander Machniak 5733061261 Merge branch 'master' of github.com:roundcube/roundcubemail 11 years ago
Aleksander Machniak 8cc567c004 Drop support for PHP < 5.3.7 11 years ago
Thomas Bruederli d221576489 Disable link registering mailto: protocol handler if not supported by the browser (#1489569) 11 years ago
Thomas Bruederli 3f4845948c Synchrnonized translations from Transifex 11 years ago
Thomas Bruederli eadb6de5bc Map fr => fr_FR for transifex pulling 11 years ago
Thomas Bruederli 08da302af0 Don't hide upload dialog if no file was selected. Display an alert message for all empty file uploads (#1489685) 11 years ago
Thomas Bruederli ec057a5a52 Fix .listbox background color in jquery UI dialogs 11 years ago
Aleksander Machniak 65f59fa3c6 Bump version number to 1.1-git 11 years ago
Aleksander Machniak 68cf8f19d2 Add some tests 11 years ago
Thomas Bruederli 9da808470d Better indentation styles for treelist items 11 years ago
Aleksander Machniak 04c9116f14 Fix list-input fields in Vacation interface 11 years ago
Aleksander Machniak 9556f34d75 Load password.js only when needed 11 years ago
Aleksander Machniak 53846f798f Remove debug code 11 years ago
Aleksander Machniak c29ca0e11d Merge branch 'master' of github.com:roundcube/roundcubemail 11 years ago
Aleksander Machniak 50a57e9b75 Added optional separate interface for out-of-office management (#1488266) 11 years ago
Aleksander Machniak a930815871 Trim search filter to prevent from creating invalid search criteria when skip_deleted = true. 11 years ago
Thomas Bruederli 1b0b398778 Update changelog 11 years ago
Thomas Bruederli a36369c383 Fix message import dialog (#1489685):
- Display alert if no file is chosen
- Unlock the UI if form is not submitted
- Avoid duplicate error messages
- Fix javascript error due to missing attachments list widget
11 years ago
Aleksander Machniak 5ce2301185 Add labels for 'n' ACL (RFC 5257) 11 years ago
Thomas Bruederli c8fb38f076 Refined some skin styles 11 years ago
Aleksander Machniak d3883ddfbb Make sure attachment ID is really unique when uploading multiple files (#1489546) 11 years ago
Aleksander Machniak 723a26cff8 Merge branch 'master' of github.com:roundcube/roundcubemail 11 years ago
Aleksander Machniak 98e582148a Put new feature entries on top and fixes on end of the changelog 11 years ago
Aleksander Machniak 904fec7505 Add id for login submit button (#1489676) - make it skin independent 11 years ago
Thomas Bruederli 3980579602 Avoid useless connection attempts if host is empty 11 years ago
Thomas Bruederli 519ce2e2ec Avoid bubbling of clicks to treelist expand/collapse toggles 11 years ago
Thomas Bruederli 0c7bc4f5c0 Add styles for 'mainaction' dialog buttons 11 years ago
Thomas Bruederli 3f63a80730 Re-arrange buttons in import dialog to match the rest of the appplication 11 years ago
Thomas Bruederli 34ddfcecef Fix input-button disabled state; add support for jquery UI buttons of type 'uibutton' 11 years ago
Thomas Bruederli c42fc0fff6 Define default treelist styles (i.e. indentation) globally 11 years ago
Thomas Bruederli 817c98ec3b Add method to reset a treelist widget 11 years ago
Thomas Bruederli 143ceff0d8 Implement ArrayAccess interface for conveniently accessing rcube_result_set as array 11 years ago
Thomas Bruederli 532c10669b Support structured data for autocompletion results; map 'type' attribute to CSS class for autocomplete list items 11 years ago
Thomas Bruederli c70f26776e Merge branch 'master' of github.com:roundcube/roundcubemail 11 years ago
Aleksander Machniak f2e1b7a3e6 Merge pull request #170 from Takika/patch-1
Fix default mailbox sort order
11 years ago
Takika 2256f89139 Fix default mailbox sort order 11 years ago
Aleksander Machniak aa05873611 Merge branch 'master' of github.com:roundcube/roundcubemail 11 years ago
Aleksander Machniak 18a9b4f2f1 Fix dbmail driver (hints from https://github.com/roundcube/roundcubemail/pull/169) 11 years ago
Thomas B. 324805e180 Merge pull request #162 from nicolas-joubert/patch-1
Redirect after HTTP authentication
11 years ago
Thomas Bruederli 2838b9ecb6 Updated Changelog 11 years ago
Thomas Bruederli d27a4f8f9e Fix opening compose screen in new window after saving as draft (#1489643) 11 years ago
Aleksander Machniak fb5255e2f0 Fix filter creation from an email when preview frame is disabled (#1489647) 11 years ago
Aleksander Machniak 32c612c112 Fix some PDO::MYSQL_* constants (wrongly described in PHP manual before 5.3.21) 11 years ago