Aleksander Machniak
186f21c4c1
Avoid Referer leaking by using Referrer-Policy:same-origin header ( #6385 )
...
Added 'common_headers' hook
6 years ago
Aleksander Machniak
c8d133a6a0
Merge branch 'master' into dev/elastic
6 years ago
Aleksander Machniak
b126941846
Fix session issue on long running requests ( #6470 )
6 years ago
Stefanos Petrakis
8ab1e4fbc3
Fix multiple VCard field search ( #6466 )
6 years ago
Aleksander Machniak
0a0ac045fe
Fix bug where valid content between HTML comments could have been skipped in some cases ( #6464 )
6 years ago
Aleksander Machniak
255638cc44
Update changelog, require Net_SMTP 1.8.1 for GSSAPI support
6 years ago
urusha
75f37f8b0f
SMTP GSSAPI support ( #6417 )
...
* krb_authentication support for smtp_connect
* smtp GSSAPI support
6 years ago
Aleksander Machniak
2dcf50019c
Merge branch 'master' into dev/elastic
6 years ago
Aleksander Machniak
e38b477b99
Fix including plugin scripts (regression)
6 years ago
Aleksander Machniak
2c12274d38
Fix style/navigation on error page depending on authentication state ( #6362 )
6 years ago
Aleksander Machniak
4310046993
Remove redundant trim()
6 years ago
Aleksander Machniak
c28242f63c
Log errors caused by low pcre.backtrack_limit when sending a mail message ( #6433 )
6 years ago
Aleksander Machniak
03fef0d6ca
New_user_identity: Fix %fu/%u vars substitution in user specific LDAP params ( #6419 )
6 years ago
Aleksander Machniak
796e5a17e6
Removed referer_check option ( #6440 )
6 years ago
Aleksander Machniak
eaa81a5b61
Fix so invalid smtp_helo_host is never used, fallback to localhost ( #6408 )
6 years ago
Allan Klaus
6a49ba5aa2
Added exec_hook to send error to an external error tracking tool ( #6198 )
6 years ago
Aleksander Machniak
5cdb54221f
Fix listing the same attachment multiple times on forwarded messages
6 years ago
Aleksander Machniak
24e3977d74
Fix invalid regular expressions that throw warnings on PHP 7.3 ( #6398 )
6 years ago
Aleksander Machniak
19332495b0
Fix so fallback from BINARY to BODY FETCH is used also on [PARSE] errors in dovecot 2.3 ( #6383 )
6 years ago
Aleksander Machniak
988ed7e565
Fix PHP warnings on dummy QUOTA responses in Courier-IMAP 4.17.1 ( #6374 )
6 years ago
Aleksander Machniak
4f2b795cd2
Fix doc for 3rd argument of rcube::deliver_message() ( #6353 )
6 years ago
Aleksander Machniak
cba1605949
Add http_only argument to rcube_utils::setcookie()
6 years ago
Aleksander Machniak
086e781b8f
Fix bug where some HTML comments could have been malformed by HTML parser ( #6333 )
6 years ago
Aleksander Machniak
fd7d7faabd
Improve checking folder delete rights according to RFC 4314
7 years ago
Aleksander Machniak
58e514970e
Add option to hide folders in share/other-user namespace or outside of the personal namespace root ( #5073 )
7 years ago
Aleksander Machniak
5e3868eb10
Fix so attachment without Content-ID is not an inline attachment ( #5905 )
7 years ago
Aleksander Machniak
e9d38e847c
Re-add setting error_log=syslog when log_driver=syslog
7 years ago
Aleksander Machniak
3d0b2cd3ce
Pass PEAR errors to rcube::raise_error(), small CS improvements
7 years ago
Aleksander Machniak
12b1b54792
Fix bug where after "mark all folders as read" action message counters were not reset ( #6307 )
...
also fixed one PHP 7.2 warning
7 years ago
Aleksander Machniak
6691756ea1
Fix bug where unicode contact names could have been broken/emptied or caused DB errors ( #6299 )
7 years ago
Aleksander Machniak
30ab2eec5f
Remove function_exists() checks for mbstring functions
7 years ago
Aleksander Machniak
4b97f40af9
Get rid of debug_level ( #6298 )
7 years ago
Aleksander Machniak
71eec07d25
Fix regression where some non-inline attachments could be not listed ( #6291 )
7 years ago
Aleksander Machniak
430c000e32
Support skin localization ( #5853 )
7 years ago
Aleksander Machniak
1247a8dd7d
Fix bug where some forbidden characters on Cyrus-IMAP were not prevented from use in folder names
7 years ago
Aleksander Machniak
0716d499bc
Fix bug where some escape sequences in html styles could bypass security checks
7 years ago
Edgaras L
c236c22c41
Parse all quotas from GETQUOTAROOT ( #6280 )
7 years ago
Aleksander Machniak
c0b9025215
Remove sample PHP configuration from .htaccess and .user.ini files ( #5850 )
...
Moved to https://github.com/roundcube/roundcubemail/wiki/Installation#php-configuration
7 years ago
Aleksander Machniak
63d3ad11fb
Use Masterminds/HTML5 parser for HTML5 support ( #5761 )
7 years ago
Aleksander Machniak
e79838aaac
Enigma: Disable autofill for new keypair password
7 years ago
Aleksander Machniak
dd3ea4ed2b
Fix extracting codepage
7 years ago
Aleksander Machniak
8a6a9e86ae
Fix handling of forwarded messages inside of a TNEF message ( #5632 )
7 years ago
Aleksander Machniak
a889f55c31
Fix PHP Warning: Use of undefined constant IDNA_DEFAULT on systems without php-intl ( #6244 )
7 years ago
Aleksander Machniak
b2bebe531a
Fix bug where usernames without domain part could be malformed or converted to lower-case on logon ( #6224 )
7 years ago
Aleksander Machniak
8df6d7c3e4
Fix regression in compressMessageSet() ( #6235 )
7 years ago
Aleksander Machniak
8b0540d402
Fix possible IMAP command injection and type juggling vulnerabilities ( #6229 )
7 years ago
Aleksander Machniak
df3878501c
Fix PHP 7.2: count(): Parameter must be an array in enchant-based spellchecker ( #6234 )
7 years ago
Aleksander Machniak
73ea8f94d0
Use htmlspecialchars() with charset argument, simplify some code
7 years ago
Aleksander Machniak
f36e23b778
Fix parsing date strings (e.g. from a Date: mail header) with comments ( #6216 )
7 years ago
Aleksander Machniak
2196f50437
Support redis_debug in the redis session driver
7 years ago
Aleksander Machniak
0f3ad342f7
Fix bug where some unix timestamps were not handled correctly by rcube_utils::anytodatetime() ( #6212 )
7 years ago
Aleksander Machniak
a451ad6599
Fix handling encoding of HTML tags in "inline" JSON output ( #6207 )
7 years ago
Aleksander Machniak
981cd8726d
Remove holes in cache index keys - makes the serialized representation shorter
7 years ago
Aleksander Machniak
1058924e21
Move some framework classes to sub-directories
7 years ago
Aleksander Machniak
d07b032bcd
Refactor cache code with separate engine-specific classes
7 years ago
Aleksander Machniak
fa06d37901
Merge branch 'feature/add_redis_as_cache' of https://github.com/ledgr/roundcubemail into ledgr-feature/add_redis_as_cache
7 years ago
Aleksander Machniak
6bfebc5e32
Add sanity check when auto-unsubscribing non-existing folders
7 years ago
Aleksander Machniak
1556eb01c7
Use JSON_UNESCAPED_UNICODE only on PHP >= 7.1.0 ( #6187 )
7 years ago
laodc
672e57ea48
Patched bug where rcube_db::quote() was causing an infinite connection loop. ( #6175 )
...
As rcube_db::quote() checks to see if the connection is up before quoting, this would cause the class to try connect again, as rcube_db::$dbh was not being set until AFTER conn_configure was completed, causing a loop.
So updated rcube_db::$dbh in the rcube::conn_create() function instead allowing access to the new object straight away.
It's needed for edeb5d7
.
7 years ago
Aleksander Machniak
a1be62b19d
Remove redundant trim()
7 years ago
Aleksander Machniak
9d2b303b51
Fix bug in remote content blocking on HTML image and style tags ( #6178 )
7 years ago
Aleksander Machniak
b46cd5de1d
Fix PHP Warning: exif_read_data(...): Illegal IFD size ( #6169 )
7 years ago
Edgaras Lukoševičius
e371469664
Add Redis as cache backend
7 years ago
laodc
edeb5d7ab4
Add support for PostgreSQL schemas in DSN ( #6150 )
...
If schema is set in the dsn, set search_path to the schema value.
Example:
$config['db_dsnw'] = 'pgsql://user:pass@localhost/dbname?schema=exampleschema';
7 years ago
Aleksander Machniak
4793ec753a
Remove double-quotes in filename* parameter of the Content-Disposition of downloads ( #5857 )
7 years ago
Aleksander Machniak
55e99398e1
Fix possible information leak - add more strict sql error check on user creation ( #6125 )
7 years ago
Aleksander Machniak
ce338164e3
Fix bug where contacts search could skip some records ( #6130 )
7 years ago
Richard Hillmann
59bbf6c081
Fix preg_match in guess_type function ( #6123 )
7 years ago
Aleksander Machniak
b172fb505c
Improve trusted_host_patterns code
7 years ago
Aleksander Machniak
4a5ca74724
Merge branch 'trusted-host-patterns' of https://github.com/dsoares/roundcubemail into dsoares-trusted-host-patterns
7 years ago
Daniel Kesselberg
a8d5547163
Update idn convertion methods ( #6115 )
...
* Add more test cases
* Update phpdoc
7 years ago
Aleksander Machniak
63a7d2313f
Improve SMTPUTF8 support and fix relaxed email validation issues
7 years ago
Aleksander Machniak
5665344673
Merge branch 'smtputf8' of https://github.com/jprjr/roundcubemail into jprjr-smtputf8
7 years ago
Aleksander Machniak
a2875cdda9
- Fix searching contacts by address in LDAP source ( #6084 )
7 years ago
Aleksander Machniak
c0959bd619
Sanity checks for header data length in FETCH ( #6087 )
...
Where we know what expected data length is we truncate the input.
7 years ago
Aleksander Machniak
3cdc8af297
Fix possible performance issue when parsing malformed and long Date header ( #6087 )
7 years ago
johndoh
05d1b1947e
Check for minified CSS files ( #6089 )
7 years ago
Aleksander Machniak
3488531b26
Fix PHP Warning: Use of undefined constant INTL_IDNA_VARIANT_UTS46 on servers without php-intl extension
7 years ago
Georgeto
161038ee87
Support additional connect parameters in PostgreSQL database wrapper ( #6071 )
...
Most notably this change enables you to specify whether or with what
priority a secure SSL TCP/IP connection will be negotiated with the
database server.
7 years ago
Aleksander Machniak
61a6666eee
Small CS fixes
7 years ago
Aleksander Machniak
ca39a4e093
Fix PHP warning "idn_to_utf8(): INTL_IDNA_VARIANT_2003 is deprecated" with PHP 7.2 ( #6075 )
7 years ago
Aleksander Machniak
36638ec0c2
Fix untagged COPYUID responses handling - again ( #5982 )
7 years ago
Aleksander Machniak
9ce8948294
Get rid of the 2nd argument of include_stylesheet()
...
.. make the optional behavior default now.
7 years ago
Aleksander Machniak
1cf72fa2b6
Allow plugins to include Less files ( #6051 )
7 years ago
Aleksander Machniak
c6b2d8bead
Merge branch 'dev-elastic'
7 years ago
Aleksander Machniak
4cb7713520
Fix checking table columns when there's more schemas/databases in postgres/mysql ( #6047 )
7 years ago
Aleksander Machniak
a6c37b7735
Fix broken long filenames when using imap4d server - workaround server bug ( #6048 )
7 years ago
Aleksander Machniak
eed4be3ba6
Display value of the SMTP message size limit in the error message ( #6032 )
7 years ago
Aleksander Machniak
4dc1f3b757
Use configured log_file_ext also for errors thrown by PHP ( #6035 )
7 years ago
Aleksander Machniak
910c735b87
Merge branch 'master' into dev-elastic
7 years ago
Aleksander Machniak
a0374f3c45
Fix mangled non-ASCII characters in links in HTML messages ( #6028 )
7 years ago
Aleksander Machniak
23af0b7f36
Merge branch 'master' into dev-elastic
7 years ago
dsoares
5282cbaff9
Check against trusted_host_patterns in rcube_utils::parse_host()
7 years ago
Aleksander Machniak
0f4f85e097
Skip redundant INSERT query on successful logon when using PHP7
...
Since PHP 7.0 session_regenerate_id() will cause the old session data update.
This is redundant INSERT query and also produces a record for the session
we don't need anymore.
7 years ago
Aleksander Machniak
ef0982f1b8
Merge branch 'master' into dev-elastic
7 years ago
dsoares
50a9c8f777
Add option trusted_host_patterns
7 years ago
JohnDoh
515d496808
Replace display_version with display_product_info ( #5904 )
7 years ago
Aleksander Machniak
e21ab984bc
Skip <span> wrappers in html_table that is a <ul> list
7 years ago
Aleksander Machniak
d815525c6a
Merge branch 'master' into dev-elastic
7 years ago
Brendan Braybrook
4574870adc
fix: unknown content-disposition type should be treated as attachment ( #6002 )
7 years ago
Aleksander Machniak
5e08a6ac59
Handle remote stylesheets the same as remote images, ask the user to allow them ( #5994 )
...
Fixes the issue where remote stylesheet could have been blocked
if the message contained no remote images and user have no way to
allow that content.
7 years ago
Aleksander Machniak
3196d656db
Fix css conflicts in user interface and e-mail content ( #5891 )
...
... by adding prefix to element/class identifiers
Also cleaned up some code and removed global variable use.
7 years ago
Aleksander Machniak
403d8453c8
Fix issue caused by non-default session.cookie_lifetime setting ( #5961 )
7 years ago
Aleksander Machniak
f8fc01b800
Fix so untagged COPYUID responses are also supported according to RFC6851 ( #5982 )
7 years ago
Aleksander Machniak
5d3add78aa
Add Message-ID to the sendmail log ( #5871 )
7 years ago
Aleksander Machniak
117c150b2f
Fix bug where mail search could return empty result on servers without SORT capability ( #5973 )
7 years ago
Aleksander Machniak
3c1b78af48
Merge branch 'master' into dev-elastic
7 years ago
Aleksander Machniak
4223bed7e8
Add html_button class
7 years ago
Aleksander Machniak
5d16751ed8
Fix (again) bug where image data URIs in css style were treated as evil/remote in mail preview ( #5580 )
7 years ago
Thomas Bruederli
3723f3f178
Fix rcube_utils::random_bytes() to not throw exception for length=0
7 years ago
Lukas Erlacher
130f0cde3e
Add host to IMAP login error
...
This simplifies debugging authentication failures in multi-host setups.
7 years ago
Aleksander Machniak
72fe97ddfc
Fix bug where HTML messages could have been rendered empty on some systems ( #5957 )
...
Consistently use $nodeName instead of $tagName property.
7 years ago
Aleksander Machniak
ee6b5e9e58
Fix PHP 7.2 error: count(): Parameter must be an array or an object that implements Countable
7 years ago
Aleksander Machniak
fa3eb6813f
Ignore rewind() warnings ( #5950 )
7 years ago
Aleksander Machniak
3a77c906a1
Merge branch 'master' into dev-elastic
7 years ago
Aleksander Machniak
7fc626d527
Changed defaults for smtp_user (%u), smtp_pass (%p) and smtp_port (587)
7 years ago
Aleksander Machniak
cdcbad1879
Handle inline images also inside multipart/mixed messages ( #5905 )
7 years ago
Aleksander Machniak
2d608a799c
Fix decoding message/rtf822 part body/size
...
When e.g. an encrypted message has one of it's sub-parts a part that is message/rfc822
part we need it's body and size, because it will be listed on the attachments list
and also can be downloaded.
7 years ago
Aleksander Machniak
1235dcf321
Encode JSON with JSON_UNESCAPED_SLASHES and JSON_UNESCAPED_UNICODE options
7 years ago
Thomas Bruederli
919338d4ba
Escape textarea contents in Washtml
7 years ago
Aleksander Machniak
1c24c69a3b
Fix path for css file existence check in include_stylesheet()
7 years ago
Aleksander Machniak
4a71847c98
Fix bug where last character of a filename extracted from TNEF could be truncated ( #5799 )
7 years ago
Aleksander Machniak
69f50b122d
Add a way to include plugin stylesheets optionally only if the file exists
7 years ago
Aleksander Machniak
fc1a0a1f65
Fix bug where messages count was not updated after delete when imap_cache is set ( #5872 )
7 years ago
Aleksander Machniak
76adb49454
Support for IMAP folders that cannot contain both folders and messages ( #5057 )
7 years ago
Aleksander Machniak
b97e3b5cd7
Don't ignore (global) userlogins/sendmail logs in per_user_logging mode
7 years ago
Aleksander Machniak
e04f72d018
Fix PHP 7.2 warnings on count() use ( #5845 )
7 years ago
Aleksander Machniak
97bf251dc6
Don't use create_function() deprecated in PHP 7.2
7 years ago
Aleksander Machniak
86a4d78369
Merge branch 'dev-elastic'
7 years ago
Aleksander Machniak
05ea5a5548
Add ignore_errors option to rcube_db, so error logging can be disabled temporarily
...
Use ignore_errors to make sure the DDL upgrade errors are printed only once.
7 years ago
Aleksander Machniak
9d63b80873
Fix bug where errors were not printed when using bin/update.sh ( #5834 )
...
Don't pass errors to rcmail_install::raise_error() in CLI mode.
7 years ago
Aleksander Machniak
a8278d61cf
Update changelog, CS fixes
7 years ago
Aleksander Machniak
8b7c7dd5a9
Merge branch 'issue-logfilename' of https://github.com/remicollet/roundcubemail into remicollet-issue-logfilename
7 years ago
Aleksander Machniak
21e7d873ce
Fix so links over images are not removed in plain text signatures converted from HTML ( #4473 )
7 years ago
Aleksander Machniak
6a83c3cc18
Fix fatal error when using DMY- or MDY-based date format in PostgreSQL ( #5808 )
7 years ago
Aleksander Machniak
1fcf7bfab3
Fix bug where HTML messages with @media styles could moddify style of page body ( #5811 )
7 years ago
Aleksander Machniak
f0431c7475
Fix uninitialized string offset in rcube_utils::bin2ascii() and make sure rcube_utils::random_bytes() result has always requested length ( #5788 )
7 years ago
Aleksander Machniak
0bef84c410
Fix decoding non-ascii attachment names from TNEF attachments ( #5646 , #5799 )
7 years ago
Remi Collet
6ca4eab399
add 'log_file_ext' configuration option
7 years ago
Aleksander Machniak
bcc6405552
Fix various issues when downloading files with names containing non-ascii chars, use RFC 2231 ( #5772 )
7 years ago
Thomas Bruederli
3bc8a30314
Translate old 'preview_pane' setting into new 'layout' property
8 years ago
Aleksander Machniak
27a621818d
Make sure rcube_utils::resolve_url() does not add port 80 to the url
...
...which might have happened with reverse proxies
8 years ago
Aleksander Machniak
7c001260fa
Simplified code to parse METADATA responses
8 years ago
Aleksander Machniak
76170baac0
Fix bug where it wasn't possible to set timezone to auto-detected value ( #5782 )
8 years ago
Aleksander Machniak
6ad4ebe431
Fix SQL syntax error on MariaDB 10.2 ( #5774 )
8 years ago
Aleksander Machniak
bb67757b5c
Removed global $CONFIG variable
8 years ago
Aleksander Machniak
9a63e40faf
Accept an array as $input argument of decode_address_list()
...
... to support a common case and to prevent from PHP warnings.
8 years ago
Aleksander Machniak
336a0cd87b
strncasecmp() -> strcasecmp()
8 years ago
Aleksander Machniak
f7809af6e4
Support AUTHENTICATE LOGIN for IMAP connections ( #5563 )
...
Add imap_auth_type=IMAP to force use of LOGIN instead of AUTHENTICATE LOGIN.
In imap_auth_type=CHECK mode prefer LOGIN over AUTHENTICATE LOGIN (for performance reasons).
8 years ago
Aleksander Machniak
253aac5d9e
Fix var name
8 years ago