Felix Eckhofer
ef721fc430
Add config variable 'proxy_whitelist'
...
HTTP headers X_FORWARDED_* and X_REAL_IP are only evaluated when
received from an IP listed in proxy_whitelist. Furthermore, only the
last non-trusted IP from X-Forwarded-For is used in place of the real
ip.
Without this, an attacker can easily spoof the headers and control the
result of the ip or ssl check.
This fixes several problems with [3a4c9f42
], [4d480b36
] and [a520f331
] as
mentioned in #1489729 .
11 years ago
Aleksander Machniak
bee1e18966
Skip IMAP SORT request if folder is empty
11 years ago
Aleksander Machniak
8cc567c004
Drop support for PHP < 5.3.7
11 years ago
Aleksander Machniak
65f59fa3c6
Bump version number to 1.1-git
11 years ago
Thomas Bruederli
3980579602
Avoid useless connection attempts if host is empty
11 years ago
Thomas Bruederli
143ceff0d8
Implement ArrayAccess interface for conveniently accessing rcube_result_set as array
11 years ago
Thomas Bruederli
532c10669b
Support structured data for autocompletion results; map 'type' attribute to CSS class for autocomplete list items
11 years ago
Aleksander Machniak
32c612c112
Fix some PDO::MYSQL_* constants (wrongly described in PHP manual before 5.3.21)
11 years ago
Aleksander Machniak
2b8f033bcb
Improvement in handling invalid email address strings
11 years ago
Thomas Bruederli
128fd9861a
Declare LOGIN commands to be anonymized in debug logging
11 years ago
Aleksander Machniak
5e8da2b5c9
Added toolbar button to move message in message view
11 years ago
Aleksander Machniak
03de1329ef
Fix invalid X-Draft-Info on forwarded message draft ( #1489587 )
11 years ago
Thomas Bruederli
ce20194266
Add setter for user object to rcube class; we already have getters for various user properties there
11 years ago
Aleksander Machniak
517c9f9a8d
Fix directories check in Installer on Windows ( #1489576 )
...
Added rcube_utils::is_absolute_path() method
11 years ago
Thomas Bruederli
eecd9ce0f9
Fix infinite loop when converting invalid html to plaintext ( #1489566 )
11 years ago
Thomas Bruederli
774deaded1
Don't EVER log passwords
11 years ago
Aleksander Machniak
03f1691d47
Fixed Opera > 15 detection ( #1489562 )
11 years ago
Aleksander Machniak
3b1d410b4e
Fix confusing intersect/filter methods naming/behaviour.
...
Removed rcube_result_index::intersect() method.
Changed rcube_result_index::filter() to filter in the same way as
rcube_result_thread::filter(), which means it actually does array_intersect().
Added tests scripts for rcube_result_index class.
11 years ago
Aleksander Machniak
5140c31064
Remove quotes around addressee name in case they are encoded.
...
Some clients encode quotes with name using base64/quoted-printable
encoding. Quotes were removed only for unencoded strings. Now also
encoded names are handled this way.
So, recipient/sender strings are displayed without quotes around
and e.g. saving to addressbook does not save these redundant quotes.
11 years ago
Aleksander Machniak
c0dda0556c
Allow single quote in style attribute values.
...
E.g. "font-family: 'Tahoma'" should not be removed.
11 years ago
Aleksander Machniak
357f9c831a
Support SMTP socket context options via new config option 'smtp_conn_options'
11 years ago
Thomas Bruederli
5740b10bf8
Merge branch 'master' of github.com:roundcube/roundcubemail
11 years ago
Aleksander Machniak
531c4d896c
Merge branch 'master' of github.com:roundcube/roundcubemail
11 years ago
Aleksander Machniak
d924ebebf7
Fix compatibility with PHP 5.2 in html.php file ( #1489514 )
11 years ago
Thomas Bruederli
3786a48aeb
* New option that write logs to per-user directories. (Debug) logs will only be written if a directory for the current user exists.
...
* The 'write_log' plugin hook now also supports the return property 'dir' to let plugins specify the log directory.
11 years ago
Aleksander Machniak
1fd6c43e19
Improve parse_thread so it uses much less recursive calls
11 years ago
Thomas Bruederli
c5f6352710
Don't log error if no plugin config is found in global directories
11 years ago
Thomas Bruederli
8fc49e51a4
Use the right base_dn for listing records of the selected group
11 years ago
Thomas Bruederli
aa581c2912
Fall back to load plugin config from global config directories only if no local config file exists
11 years ago
Takika
d073a66db3
Load plugin config file from any configured path
...
Try to load plugin_name.inc.php config file from any pre-configured config path (rcube_config::path array) so webmail admins can move plugin configurations out of www root.
11 years ago
Thomas Bruederli
e59471fcb9
Make sure prefs always is a valid array (otherwise causes fatal errors if language if not set)
11 years ago
Aleksander Machniak
4957530dec
Fix an obvious mistake in search_once() casing wrong result when called
...
with empty 2nd argument (which also is not what should happen, should we return error?)
11 years ago
Aleksander Machniak
7a3c0c96c4
Use '0' instead of 0, to fix possible issue.
11 years ago
Aleksander Machniak
172302e2cf
Small perf. improvement
11 years ago
Aleksander Machniak
0301d9347f
CS fixes
11 years ago
Aleksander Machniak
c7250749ab
Fix issue where deprecated syntax for HTML lists was not handled properly ( #1488768 )
11 years ago
Aleksander Machniak
3e98f8be71
Add some code for S/MIME signatures verification, update Crypt_GPG package
11 years ago
Aleksander Machniak
ac0fc383fd
Fix so message flags modified by another client are applied on the list on refresh ( #1485186 )
11 years ago
Aleksander Machniak
6b2b2eca5f
Remove deprecated functions (these listed in bc.php file) usage
11 years ago
Aleksander Machniak
54029ea959
Fix broken text/* attachments when forwarding/editing a message ( #1489426 )
11 years ago
Aleksander Machniak
f6d23a8dce
Fix PHP warning when 1st argument of parse_host() is not a string ( #1489486 )
11 years ago
Aleksander Machniak
a520f331c1
Fix handling of X-Forwarded-For header with multiple addresses ( #1489481 )
11 years ago
Aleksander Machniak
d19c0f9f30
In normalize_string() replace 4-byte unicode characters with '?' character.
...
These are not supported in default utf-8 charset on mysql,
the chance we'd need them in searching is very low.
11 years ago
Aleksander Machniak
029f7a157d
Clarify update() result description, return boolean when ID didn't change
11 years ago
Aleksander Machniak
18b40c1a32
Fix issue where groups were not deleted when "Replace entire addressbook" option on contacts import was used ( #1489420 )
11 years ago
Aleksander Machniak
38bf401cf8
Fix performance of listing writeable folders ( #1489451 )
11 years ago
Thomas Bruederli
ce6050cbbb
Display version from composer.json even if not intstalled
11 years ago
Aleksander Machniak
5f31429de5
Fix preparation of message object before saving into the cache.
...
The bug cased e.g. displaying HTML content as plain text for messages
with Content-Type: text/html.
11 years ago
Aleksander Machniak
38f1f56920
Exec config_get hook also in rcube_config::all() ( #1485981 )
11 years ago
Aleksander Machniak
ffec857b69
Fix handling of invalid closing tags in HTML messages ( #1489446 )
11 years ago