@ -1,700 +1,78 @@
CHANGELOG Roundcube Webmail
===========================
- Allow array in smtp_host config (#7296)
- Remove use of ext-iconv
- Support RFC8438: IMAP STATUS=SIZE - for faster folder size calculation (#7269)
- MySQL: Use utf8mb4 charset and utf8mb4_unicode_ci collation (#6535, #7113)
- Support for language codes up to 16 chars long (e.g. es-419) in database schema (#6851)
- Relaxed domain name validation for extended TLDs support (#5588)
- Allow opening application/octet-stream attachments according to filename extension (#6821)
- Added support for INSERT OR REPLACE queries (#6771)
- Allow skins to define which layout options they support (#7235)
- Extract RFC2231 attachment name from message headers (#6729, #6783)
- Archive: Added options to split archive by year or year+month and folder (#7216)
- Managesieve: Allow display name with email address in vacation :from field (#6760)
- Managesieve: Improve UX on custom header input (#7207)
- Managesieve: Fix bug where activation of forward/vacation rule could activate a wrong script (#7423)
- Managesieve: Fix bug where forward/vacation rule could end up being duplicated (#7349)
- Password: Added 'pwned' password strength driver (#7274)
- Add support for SameSite cookie attribute via session_samesite option (req PHP >= 7.3.0) (#6772)
- Elastic: Moving single recipients between recipient inputs with drag-n-drop (#5069)
- Elastic: Display a special icon for other users and shared namespace roots (#5012)
- Elastic: Support space-separated email addresses in recipient input (#6529, #6457)
- Change folders sorting so shared/other users namespaces are listed last (#5012)
- Display a warning and do not try to open empty attachments (#7332)
- Templates: Add support for expressions in object attributes (#7237)
- Templates: Add support for nested if conditions (#6818)
- Templates: Make [space][slash] ending of condition objects optional (#6954)
- Fix ISO-2022-JP-MS encoding issues (#7091)
- Fix so messages in threads with no root aren't displayed separately (#4999)
- Fix so anchor tags without href attribute are not modified (#7413)
- Fix bug where subfolders of special folders could have been duplicated on folder list
- Increase maximum size of contact jobtitle and department fields to 128 characters
- Fix missing newline after the logged line when writing to stdout (#7418)
- Elastic: Fix context menu (paste) on the recipient input (#7431)
- Fix problem with forwarding inline images attached to messages with no HTML part (#7414)
RELEASE 1.4.6
-------------
- Installer: Fix regression in SMTP test section (#7417)
RELEASE 1.2.10
--------------
- Fix missing message-htmlpart1 class breaking inline CSS (#6493)
- Security: Fix XSS issue in handling of CDATA in HTML messages
- Security: Fix remote code execution via crafted 'im_convert_path' or 'im_identify_path' settings
- Security: Fix local file inclusion (and code execution) via crafted 'plugins' option
- Security: Fix CSRF bypass that could be used to log out an authenticated user (#7302)
RELEASE 1.4.5
-------------
- Fix bug in extracting required plugins from composer.json that led to spurious error in log (#7364)
- Fix so the database setup description is compatible with MySQL 8 (#7340)
- Markasjunk: Fix regression in jsevent driver (#7361)
- Fix missing flag indication on collapsed thread in Larry and Elastic (#7366)
- Fix default keyservers (use keys.openpgp.org), add note about CORS (#7373, #7367)
- Password: Fix issue with Modoboa driver (#7372)
- Mailvelope: Use sender's address to find pubkeys to check signatures (#7348)
- Mailvelope: Fix Encrypt button hidden in Elastic (#7353)
- Fix PHP warning: count(): Parameter must be an array or an object... in ID command handler (#7392)
- Fix error when user-configured skin does not exist anymore (#7271)
- Elastic: Fix aspect ratio of a contact photo in mail preview (#7339)
- Fix bug where PDF attachments marked as inline could have not been attached on mail forward (#7382)
- Security: Fix a couple of XSS issues in Installer (#7406)
- Security: Fix XSS issue in template object 'username' (#7406)
- Security: Better fix for CVE-2020-12641
- Security: Fix cross-site scripting (XSS) via malicious XML attachment
RELEASE 1.4.4
-------------
- Fix bug where attachments with Content-Id were attached to the message on reply (#7122)
- Fix identity selection on reply when both sender and recipient addresses are included in identities (#7211)
- Elastic: Fix text selection with Shift+PageUp and Shift+PageDown in plain text editor when using Chrome (#7230)
- Elastic: Fix recipient input bug when using click to select a contact from autocomplete list (#7231)
- Elastic: Fix color of a folder with recent messages (#7281)
- Elastic: Restrict logo size in print view (#7275)
- Fix invalid Content-Type for messages with only html part and inline images - Mail_Mime-1.10.7 (#7261)
- Fix missing contact display name in QR Code data (#7257)
- Fix so button label in Select image/media dialogs is "Close" not "Cancel" (#7246)
- Fix regression in testing database schema on MSSQL (#7227)
- Fix cursor position after inserting a group to a recipient input using autocompletion (#7267)
- Fix string literals handling in IMAP STATUS (and various other) responses (#7290)
- Fix bug where multiple images in a message were replaced by the first one on forward/reply/edit (#7293)
- Fix handling keyservers configured with protocol prefix (#7295)
- Markasjunk: Fix marking as spam/ham on moving messages with Move menu (#7189)
- Markasjunk: Fix bug where moving to Junk was failing on messages selected with Select > All (#7206)
- Fix so imap error message is displayed to the user on folder create/update (#7245)
- Fix bug where a special folder couldn't be created if a special-use flag is not supported (#7147)
- Mailvelope: Fix bug where recipients with name were not handled properly in mail compose (#7312)
- Fix characters encoding in group rename input after group creation/rename (#7330)
- Fix bug where some message/rfc822 parts could not be attached on forward (#7323)
- Make install-jsdeps.sh script working without the 'file' program installed (#7325)
- Fix performance issue of parsing big HTML messages by disabling HTML5 parser for these (#7331)
- Fix so Print button for PDF attachments works on Firefox >= 75 (#5125)
- Security: Fix XSS issue in handling of CDATA in HTML messages [CVE-2020-12625]
- Security: Fix remote code execution via crafted 'im_convert_path' or 'im_identify_path' settings [CVE-2020-12641]
- Security: Fix local file inclusion (and code execution) via crafted 'plugins' option [CVE-2020-12640]
- Security: Fix CSRF bypass that could be used to log out an authenticated user [CVE-2020-12626] (#7302)
RELEASE 1.4.3
-------------
- Enigma: Fix so key list selection is reset when opening key creation form (#7154)
- Enigma: Fix so using list checkbox selection does not load the key preview frame
- Enigma: Fix generation of key pairs for identities with IDN domains (#7181)
- Enigma: Display IDN domains of key users and identities in UTF8
- Enigma: Fix bug where "Send unencrypted" button didn't work in Elastic skin (#7205)
- Managesieve: Fix bug where it wasn't possible to save flag actions (#7188)
- Markasjunk: Fix bug where marking as spam/ham didn't work on moving messages with drag-and-drop (#7137)
- Password: Make chpass-wrapper.py Python 3 compatible (#7135)
- Elastic: Fix disappearing sidebar in mail compose after clicking Mail button
- Elastic: Fix incorrect aria-disabled attribute on Mail taskmenu button in mail compose
- Elastic: Fix bug where it was possible to switch editor mode when 'htmleditor' was in 'dont_override' (#7143)
- Elastic: Fix text selection in recipient inputs (#7129)
- Elastic: Fix missing Close button in "more recipients" dialog
- Elastic: Fix non-working folder subscription checkbox for newly added folders (#7174)
- Fix regression where "Open in new window" action didn't work (#7155)
- Fix PHP Warning: array_filter() expects parameter 1 to be array, null given in subscriptions_option plugin (#7165)
- Fix unexpected error message when mail refresh involves folder auto-unsubscribe (#6923)
- Fix recipient duplicates in print-view when the recipient list has been expanded (#7169)
- Fix bug where files in skins/ directory were listed on skins list (#7180)
- Fix bug where message parts with no Content-Disposition header and no name were not listed on attachments list (#7117)
- Fix display issues with mail subject that contains line-breaks (#7191)
- Fix invalid Content-Transfer-Encoding on multipart messages - Mail_Mime fix (#7170)
- Fix regression where using an absolute path to SQLite database file on Windows didn't work (#7196)
- Fix using unix:///path/to/socket.file in memcached driver (#7210)
RELEASE 1.4.2
-------------
- Add support for PHPUnit 6 and 7 (#6870)
- Plugin API: Make actionbefore, before<action>, actionafter and after<action> events working with plugin actions (#7106)
- Managesieve: Replace "Filter disabled" with "Filter enabled" (#7028)
- Managesieve: Fix so modifier type select wasn't hidden after hiding modifier select on header change
- Managesieve: Fix filter selection after removing a first filter (#7079)
- Markasjunk: Fix marking more than one message as spam/ham with email_learn driver (#7121)
- Password: Fix kpasswd and smb drivers' double-escaping bug (#7092)
- Enigma: Add script to import keys from filesystem to the db storage (for multihost)
- Installer: Fix DB Write test on SQLite database ("database is locked" error) (#7064)
- Installer: Fix so SQLite DSN with a relative path to the database file works in Installer
- Elastic: Fix contrast of warning toasts (#7058)
- Elastic: Simple search in pretty selects (#7072)
- Elastic: Fix hidden list widget on mobile/tablet when selecting folder while search menu is open (#7120)
- Fix so type attribute on script tags is not used on HTML5 pages (#6975)
- Fix unread count after purge on a folder that is not currently selected (#7051)
- Fix bug where Enter key didn't work on messages list in "List" layout (#7052)
- Fix bug where deleting a saved search in addressbook caused display issue on sources/groups list (#7061)
- Fix bug where a new saved search added after removing all searches wasn't added to the list (#7061)
- Fix bug where a new contact group added after removing all groups from addressbook wasn't added to the list
- Fix bug where Ctype extension wasn't required in Installer and INSTALL file (#7049)
- Fix so install-jsdeps.sh removes Bootstrap's sourceMappingURL (#7035)
- Fix so use of Ctrl+A does not scroll the list (#7020)
- Fix/remove useless keyup event handler on username input in logon form (#6970)
- Fix bug where cancelling switching from HTML to plain text didn't set the flag properly (#7077)
- Fix bug where HTML reply could add an empty line with extra indentation above the original message (#7088)
- Fix matching multiple X-Forwarded-For addresses with 'proxy_whitelist' (#7107)
- Fix so displayed maximum attachment size depends also on 'max_message_size' (#7105)
- Fix bug where 'skins_allowed' option didn't enforce user skin preference (#7080)
- Fix so contact's organization field accepts up to 128 characters (it was 50)
- Fix bug where listing tables in PostgreSQL database with db_prefix didn't work (#7093)
- Fix bug where 'text' attribute on body tag was ignored when displaying HTML message (#7109)
- Fix bug where next message wasn't displayed after delete in List mode (#7096)
- Fix so number of contacts in a group is not limited to 200 when redirecting to mail composer from Contacts (#6972)
- Fix malformed characters in HTML message with charset meta tag not in head (#7116)
RELEASE 1.4.1
-------------
- Elastic: Change HTML editor widget to improve form flow (#6992)
- Elastic: Fix position of mobile floating action button (#7038)
- Managesieve: Fix locked UI after opening filter frame (#7007)
- Fix PHP warning: "array_merge(): Expected parameter 2 to be an array, null given in sendmail.inc (#7003)
- Fix bug where cache keys could exceed length limit specified in db schema (#7004)
- Fix invalid Signature button state after escaping Mailvelope mode (#7015)
- Fix so 401 error is returned only on failed logon requests (#7010)
- Fix db_prefix handling in queries with `TRUNCATE TABLE <name>` and `UNIQUE <name>` (#7013)
- Fix so update.sh script warns about changed defaults (#7011)
- Fix tables listing routine when DSN contained a database with unsupported suffix (#7034)
- Fix so Elastic is also a default in jqueryui plugin (#7039)
- Fix bug where the Installer would not warn about required schema upgrade (#7042)
RELEASE 1.4.0
-------------
- Elastic: Resizeable columns (#6929)
- Elastic: Fix position and style of auto-complete dropdown on small screens (#6951)
- Elastic: Fix initial focus on recipients input in mail compose screen
- Elastic: Fix inserting responses at cursor position (#6971)
- Elastic: Fix unread filter icon and search state on folder change (#6978)
- Elastic: Fix regression where Encrypt button wasn't displayed in mail compose toolbar (#6982)
- Elastic: Fix regression where recipient input didn't update internal input state (#6988)
- Enigma: Fix bug where signing option was set to disabled after saving a draft in Elastic skin (#6515)
- Redis: Improve error handling and phpredis 5.X support (#6888)
- Archive: Fix bug where next email was not displayed after Archive button use (#6965)
- Archive: Fix missing Archive icon in folder selector popup in Elastic
- Fix bug where cache keys were not case-sensitive on MySQL/MSSQL (#6942)
- Fix so an error is logged when encryption fails (#6948)
- Fix bug where inline images could have been ignored if Content-Id header contained redundant spaces (#6980)
- Fix and document skin_logo setup (#6981)
RELEASE 1.4-rc2
---------------
- Update to jQuery 3.4.1
- Clarified 'address_book_type' option behavior (#6680)
- Added cookie mismatch detection, display an error message informing the user to clear cookies
- Renamed 'log_session' option to 'session_debug'
- Removed 'delete_always' option (#6782)
- Don't log full session identifiers in userlogins log (#6625)
- Support $HasAttachment/$HasNoAttachment keywords (#6201)
- Support PECL memcached extension as a session and cache storage driver (experimental)
- Switch to IDNA2008 variant (#6806)
- installto.sh: Add possibility to run the update even on the up-to-date installation (#6533)
- Plugin API: Add 'render_folder_selector' hook
- Added 'keyservers' option to define list of HKP servers for Enigma/Mailvelope (#6326)
- Added flag to disable server certificate validation via Mysql DSN argument (#6848)
- Select all records on the current list page with CTRL + A (#6813)
- Use Left/Right Arrow keys to faster move over threaded messages list (#6399)
- Changes in `display_next` setting (#6795):
- Move it to Preferences > User Interface > Main Options
- Make it apply to Contacts interface too
- Make it apply only if deleting/moving a previewed message/contact
- Redis: Support connection to unix socket
- Put charset meta specification before a title tag, add page title automatically (#6811)
- Elastic: Various internal refactorings
- Elastic: Add Prev/Next buttons on message page toolbar (#6648)
- Elastic: Close search options on Enter key press in quick-search input (#6660)
- Elastic: Changed some icons (#6852)
- Elastic: Changed read/unread icons (#6636)
- Elastic: Changed "Move to..." icon (#6637)
- Elastic: Add hide/show for advanced preferences (#6632)
- Elastic: Add default icon on Settings/Preferences lists for external plugins (#6814)
- Elastic: Add indicator for popover menu items that open a submenu (#6868)
- Elastic: Move compose attachments/options to the right side (#6839)
- Elastic: Add border/background to attachments list widget (#6842)
- Elastic: Add "Show unread messages" button to the search bar (#6587)
- Elastic: Fix bug where toolbar disappears on attachment menu use in Chrome (#6677)
- Elastic: Fix folders list scrolling on touch devices (#6706)
- Elastic: Fix non-working pretty selects in Chrome browser (#6705)
- Elastic: Fix issue with absolute positioned mail content (#6739)
- Elastic: Fix bug where some menu actions could cause a browser popup warning
- Elastic: Fix handling mailto: URL parameters in contact menu (#6751)
- Elastic: Fix keyboard navigation in some menus, e.g. the contact menu
- Elastic: Fix visual issue with long buttons in .boxwarning (#6797)
- Elastic: Fix handling new-line in text pasted to a recipient input
- Elastic: Fix so search is not reset when returning from the message preview page (#6847)
- Larry: Fix regression where menu actions didn't work with keyboard (#6740)
- ACL: Display user/group names (from ldap) instead of acl identifier
- Password: Added ldap_exop driver (#4992)
- Password: Added support for SSHA512 password algorithm (#6805)
- Managesieve: Fix bug where global includes were requested for vacation (#6716)
- Managesieve: Use RFC-compliant line endings, CRLF instead of LF (#6686)
- Managesieve: Fix so "Create filter" option does not show up when Filters menu is disabled (#6723)
- Enigma: For verified signatures, display the user id associated with the sender address (#5958)
- Enigma: Fix bug where revoked users/keys were not greyed out in key info
- Enigma: Fix error message when trying to encrypt with a revoked key (#6607)
- Enigma: Fix "decryption oracle" bug [CVE-2019-10740] (#6638)
- Enigma: Fix bug where signature verification could have been skipped for some message structures (#6838)
- Fix language selection for spellchecker in html mode (#6915)
- Fix css styles leak from replied/forwarded message to the rest of the composed text (#6831)
- Fix invalid path to "add contact" icon when using assets_path setting
- Fix invalid path to blocked.gif when using assets_path setting (#6752)
- Fix so advanced search dialog is not automatically displayed on searchonly addressbooks (#6679)
- Fix so an error is logged when more than one attachment plugin has been enabled, initialize the first one (#6735)
- Fix bug where flag change could have been passed to a preview frame when not expected
- Fix bug in HTML parser that could cause missing text fragments when there was no head/body tag (#6713)
- Fix bug where HTML messages with a xml:namespace tag were not rendered (#6697)
- Fix TinyMCE download location (#6694)
- Fix so "Open in new window" consistently displays "external window" interface (#6659)
- Fix bug where next row wasn't selected after deleting a collapsed thread (#6655)
- Fix bug where external content (e.g. mail body) was passed to templates parsing code (#6640)
- Fix bug where attachment preview didn't work with x_frame_options=deny (#6688)
- Fix so bin/install-jsdeps.sh returns error code on error (#6704)
- Fix bug where bmp images couldn't be displayed on some systems (#6728)
- Fix bug in parsing vCard data using PHP 7.3 due to an invalid regexp (#6744)
- Fix bug where bold/strong text was converted to upper-case on html-to-text conversion (6758)
- Fix bug in rcube_utils::parse_hosts() where %t, %d, %z could return only tld (#6746)
- Fix bug where Next/Prev button in mail view didn't work with multi-folder search result (#6793)
- Fix bug where selection of columns on messages list wasn't working
- Fix bug in converting multi-page Tiff images to Jpeg (#6824)
- Fix bug where handling multiple messages from multi-folder search result could not work (#6845)
- Fix bug where unread count wasn't updated after moving multi-folder result (#6846)
- Fix wrong messages order after returning to a multi-folder search result (#6836)
- Fix some PHP 7.4 compat. issues (#6884, #6866)
- Fix bug where it was possible to bypass the position:fixed CSS check in received messages (#6898)
- Fix bug where some strict remote URIs in url() style were unintentionally blocked (#6899)
- Fix bug where it was possible to bypass the CSS jail in HTML messages using :root pseudo-class (#6897)
- Fix bug where it was possible to bypass href URI check with data:application/xhtml+xml URIs (#6896)
RELEASE 1.4-rc1
---------------
- Changed 'password_charset' default to 'UTF-8' (#6522)
- Add skins_allowed option (#6483)
- SMTP GSSAPI support via krb_authentication plugin (#6417)
- Avoid Referer leaking by using Referrer-Policy:same-origin header (#6385)
- Removed 'referer_check' option (#6440)
- Use constant prefix for temp file names, don't remove temp files from other apps (#6511)
- Ignore 'Sender' header on Reply-All action (#6506)
- deluser.sh: Add option to delete users who have not logged in for more than X days (#6340)
- HTML5 Upload Progress - as a replacement for the old server-side solution (#6177)
- Update to TinyMCE 4.8.2
- Update to jQuery-MiniColors 2.3.4
- Prevent from using deprecated timezone names from jsTimezoneDetect
- Force session.gc_probability=1 when using custom session handlers (#6560)
- Support simple field labels (e.g. LetterHub examples) in csv imports (#6541)
- Add cache busters also to images used by templates (#6610)
- Plugin API: Added 'raise_error' hook (#6199)
- Plugin API: Added 'common_headers' hook (#6385)
- Plugin API: Added 'ldap_connected' hook
- Enigma: Update to OpenPGPjs 4.2.1 - fixes user name encoding issues in key generation (#6524)
- Enigma: Fixed multi-host synchronization of private and deleted keys and pubring.kbx file
- Managesieve: Added support for 'editheader' extension - RFC5293 (#5954)
- Managesieve: Fix bug where custom header or variable could be lost on form submission (#6594)
- Markasjunk: Integrate markasjunk2 features into markasjunk - marking as non-junk + learning engine (#6504)
- Password: Added 'modoboa' driver (#6361)
- Password: Fix bug where password_dovecotpw_with_method setting could be ignored (#6436)
- Password: Fix bug where new users could skip forced password change (#6434)
- Password: Allow drivers to override default password comparisons (eg new is not same as current) (#6473)
- Password: Allow drivers to override default strength checks (eg allow for 'not the same as last x passwords') (#246)
- Passowrd: Allow drivers to define password strength rules displayed to the user
- Password: Allow separate password saving and strength drivers for use of strength checking services (#5040)
- Password: Add zxcvbn driver for checking password strength (#6479)
- Password: Disallow control characters in passwords
- Password: Add support for Plesk >= 17.8 (#6526)
- Elastic: Improved datepicker displayed always in parent window
- Elastic: On touch devices display attachment icons on messages list (#6296)
- Elastic: Make menu button inactive if all subactions are inactive (#6444)
- Elastic: On mobile/tablet jump to the list on folder selection (#6415)
- Elastic: Various improvements on mail compose screen (#6413)
- Elastic: Support new-line char as a separator for pasted recipients (#6460)
- Elastic: Improved UX of search dialogs (#6416)
- Elastic: Fix unwanted thread expanding when selecting a collapsed thread in non-mobile mode (#6445)
- Elastic: Fix too small height of mailvelope mail preview frame (#6600)
- Elastic: Add "status bar" for mobile in mail composer
- Elastic: Add selection options on contacts list (#6595)
- Elastic: Fix unintentional layout preference overwrite (#6613)
- Elastic: Fix bug where Enigma options in mail compose could sometimes be ignored (#6515)
- Log errors caused by low pcre.backtrack_limit when sending a mail message (#6433)
- Fix regression where drafts were not deleted after sending the message (#6756)
- Fix so max_message_size limit is checked also when forwarding messages as attachments (#6580)
- Fix so performance stats are logged to the main console log also when per_user_logging=true
- Fix malformed message saved into Sent folder when using big attachments and low memory limit (#6498)
- Fix incorrect IMAP SASL GSSAPI negotiation (#6308)
- Fix so unicode in local part of the email address is also supported in recipient inputs (#6490)
- Fix bug where autocomplete list could be displayed out of screen (#6469)
- Fix style/navigation on error page depending on authentication state (#6362)
- Fix so invalid smtp_helo_host is never used, fallback to localhost (#6408)
- Fix custom logo size in Elastic (#6424)
- Fix listing the same attachment multiple times on forwarded messages
- Fix bug where a message/rfc822 part without a filename wasn't listed on the attachments list (#6494)
- Fix inconsistent offset for various time zones - always display Standard Time offset (#6531)
- Fix dummy Message-Id when resuming a draft without Message-Id header (#6548)
- Fix handling of empty entries in vCard import (#6564)
- Fix bug in parsing some IMAP command responses that include unsolicited replies (#6577)
- Fix PHP 7.2 compatibility in debug_logger plugin (#6586)
- Fix so ANY record is not used for email domain validation, use A, MX, CNAME, AAAA instead (#6581)
- Fix so mime_content_type check in Installer uses files that should always be available (i.e. from program/resources) (#6599)
- Fix missing CSRF token on a link to download too-big message part (#6621)
- Fix bug when aborting dragging with ESC key didn't stop the move action (#6623)
RELEASE 1.4-beta
----------------
- Added new skin with mobile support - the Elastic
- Support Redis cache
- Email Resent (Bounce) feature (#4985)
- Improved Mailvelope integration
- Added private key listing and generating to identity settings
- Enable encrypt & sign option if Mailvelope supports it
- Allow contacts without an email address (#5079)
- Support SMTPUTF8 and relax email address validation to support unicode in local part (#5120)
- Support for IMAP folders that cannot contain both folders and messages (#5057)
- Update to jQuery-3.3.1
- Update to jQuery-minicolors 2.2.6
- Update to TinyMCE 4.7.13
- Remove sample PHP configuration from .htaccess and .user.ini files (#5850)
- Extend skin_logo setting to allow per skin logos (#6272)
- Use Masterminds/HTML5 parser for better HTML5 support (#5761)
- Add More actions button in Contacts toolbar with Copy/Move actions (#6081)
- Display an error when clicking disabled link to register protocol handler (#6079)
- Add option trusted_host_patterns (#6009, #5752)
- Support additional connect parameters in PostgreSQL database wrapper
- Use UI dialogs instead of confirm() and alert() where possible
- Display value of the SMTP message size limit in the error message (#6032)
- Show message flagged status in message view (#5080)
- Skip redundant INSERT query on successful logon when using PHP7
- Replace display_version with display_product_version (#5904)
- Extend disabled_actions config so it accepts also button names (#5903)
- Handle remote stylesheets the same as remote images, ask the user to allow them (#5994)
- Add Message-ID to the sendmail log (#5871)
- Add option to hide folders in share/other-user namespace or outside of the personal namespace root (#5073)
- Archive: Fix archiving by sender address on cyrus-imap
- Archive: Style Archive folder also on folder selector and folder manager lists
- Archive: Add Thunderbird compatible Month option (#5623)
- Archive: Create archive folder automatically if it's configured, but does not exist (#6076)
- Enigma: Add button to send mail unencrypted if no key was found (#5913)
- Enigma: Add options to set PGP cipher/digest algorithms (#5645)
- Enigma: Multi-host support
- Managesieve: Add ability to disable filter sets and other actions (#5496, #5898)
- Managesieve: Add option managesieve_forward to enable settings dialog for simple forwarding (#6021)
- Managesieve: Support filter action with custom IMAP flags (#6011)
- Managesieve: Support 'mime' extension tests - RFC5703 (#5832)
- Managesieve: Support GSSAPI authentication with krb_authentication plugin (#5779)
- Managesieve: Support enabling the plugin for specified hosts only (#6292)
- Password: Support host variables in password_db_dsn option (#5955)
- Password: Automatic virtualmin domain setting, removed password_virtualmin_format option (#5759)
- Password: Added password_username_format option (#5766)
- subscriptions_option: show \\Noselect folders greyed out (#5621)
- zipdownload: Added option to define size limit for multiple messages download (#5696)
- vcard_attachments: Add possibility to send contact vCard from Contacts toolbar (#6080)
- Changed defaults for smtp_user (%u), smtp_pass (%p) and smtp_port (587)
- Composer: Fix certificate validation errors by using packagist only (#5148)
- Add --get and --extract arguments and CACHEDIR env-variable support to install-jsdeps.sh (#5882)
- Support _filter and _scope as GET arguments for opening mail UI (#5825)
- Various improvements for templating engine and skin behaviours
- Support conditional include
- Support for 'link' objects
- Support including files with path relative to templates directory
- Use <button> instead of <input> for submit button on logon screen
- Support skin localization (#5853)
- Reset onerror on images if placeholder does not exist to prevent from requests storm
- Unified and simplified code for loading content frame for responses and identities
- Display contact import and advanced search in popup dialogs
- Display a dialog for mail import with supported format description and upload size hint
- Make possible to set (some) config options from a skin
- Added optional checkbox selection for the list widget
- Make 'compose' command always enabled
- Add .log suffix to all log file names, add option log_file_ext to control this (#313)
- Return "401 Unauthorized" status when login fails (#5663)
- Support both comma and semicolon as recipient separator, drop recipients_separator option (#5092)
- Plugin API: Added 'show_bytes' hook (#5001)
- Add option to not indent quoted text on top-posting reply (#5105)
- Removed global $CONFIG variable
- Removed debug_level setting
- Support AUTHENTICATE LOGIN for IMAP connections (#5563)
- Support LDAP GSSAPI authentication (#5703)
- Localized timezone selector (#4983)
- Use 7bit encoding for ISO-2022-* charsets in sent mail (#5640)
- Handle inline images also inside multipart/mixed messages (#5905)
- Allow style tags in HTML editor on composed/reply messages (#5751)
- Use Github API as a fallback to fetch js dependencies to workaround throttling issues (#6248)
- Show confirm dialog when moving folders using drag and drop (#6119)
- Fix bug where new_user_dialog email check could have been circumvented by deleting / abandoning session (#5929)
- Fix skin extending for assets (#5115)
- Fix handling of forwarded messages inside of a TNEF message (#5632)
- Fix bug where attachment size wasn't visible when the filename was too long (#6033)
- Fix checking table columns when there's more schemas/databases in postgres/mysql (#6047)
- Fix css conflicts in user interface and e-mail content (#5891)
- Fix duplicated signature when using Back button in Chrome (#5809)
- Fix touch event issue on messages list in IE/Edge (#5781)
- Fix so links over images are not removed in plain text signatures converted from HTML (#4473)
- Fix various issues when downloading files with names containing non-ascii chars, use RFC 2231 (#5772)
RELEASE 1.3.8
-------------
- Fix PHP warnings on dummy QUOTA responses in Courier-IMAP 4.17.1 (#6374)
- Fix so fallback from BINARY to BODY FETCH is used also on [PARSE] errors in dovecot 2.3 (#6383)
- Enigma: Fix deleting keys with authentication subkeys (#6381)
- Fix invalid regular expressions that throw warnings on PHP 7.3 (#6398)
- Fix so Classic skin splitter does not escape out of window (#6397)
- Fix XSS issue in handling invalid style tag content [CVE-2018-19206] (#6410)
- Fix compatibility with MySQL 8 - error on 'system' table use
- Managesieve: Fix bug where show_real_foldernames setting wasn't respected (#6422)
- New_user_identity: Fix %fu/%u vars substitution in user specific LDAP params (#6419)
- Fix support for "allow-from <uri>" in "x_frame_options" config option (#6449)
- Fix bug where valid content between HTML comments could have been skipped in some cases (#6464)
- Fix multiple VCard field search (#6466)
- Fix session issue on long running requests (#6470)
RELEASE 1.3.7
RELEASE 1.2.9
-------------
- Fix PHP Warning: Use of undefined constant IDNA_DEFAULT on systems without php-intl (#6244)
- Fix bug where some parts of quota information could have been ignored (#6280)
- Fix bug where some escape sequences in html styles could bypass security checks
- Fix bug where some forbidden characters on Cyrus-IMAP were not prevented from use in folder names
- Fix bug where only attachments with the same name would be ignored on zip download (#6301)
- Fix bug where unicode contact names could have been broken/emptied or caused DB errors (#6299)
- Fix bug where after "mark all folders as read" action message counters were not reset (#6307)
- Enigma: [EFAIL] Don't decrypt PGP messages with no MDC protection (#6289)
- Fix bug where some HTML comments could have been malformed by HTML parser (#6333)
RELEASE 1.3.6
-------------
- Fix parsing date strings (e.g. from a Date: mail header) with comments (#6216)
- Fix PHP 7.2: count(): Parameter must be an array in enchant-based spellchecker (#6234)
- Fix possible IMAP command injection and type juggling vulnerabilities (#6229)
- Enigma: Fix key selection for signing
- Enigma: Enable keypair generation on Internet Explorer 11
- Fix check_request() bypass in places using get_uids() [CVE-2018-9846] (#6238)
- Fix bug where usernames without domain part could be malformed or converted to lower-case on logon (#6224)
- Fix regression where IMAP commands with '*' uidset argument wasn't working
RELEASE 1.3.5
RELEASE 1.2.8
-------------
- Managesieve: Fix bug where text: syntax was forced for strings longer than 1024 characters (#6143)
- Managesieve: Fix missing Save button in Edit Filter Set page of Classic skin (#6154)
- Fix duplicated labels in Test SMTP Config section (#6166)
- Fix PHP Warning: exif_read_data(...): Illegal IFD size (#6169)
- Enigma: Fix key generation in Safari by upgrade to OpenPGP 2.6.2 (#6149)
- Fix check_request() bypass in places using get_uids() [CVE-2018-9846] (#6238)
- Fix possible IMAP command injection vulnerability [CVE-2018-9846] (#6229)
- Fix security issue in remote content blocking on HTML image and style tags (#6178)
- Added 9pt and 11pt to the list of font sizes in HTML editor
- Fix handling encoding of HTML tags in "inline" JSON output (#6207)
- Fix bug where some unix timestamps were not handled correctly by rcube_utils::anytodatetime() (#6212)
RELEASE 1.3.4
-------------
- Fix bug where contacts search could skip some records (#6130)
- Fix possible information leak - add more strict sql error check on user creation (#6125)
- Fix a couple of warnings on PHP 7.2 (#6098)
- Fix broken long filenames when using imap4d server - workaround server bug (#6048)
- Fix so temp_dir misconfiguration prints an error to the log (#6045)
- Fix untagged COPYUID responses handling - again (#5982)
- Fix PHP warning "idn_to_utf8(): INTL_IDNA_VARIANT_2003 is deprecated" with PHP 7.2 (#6075)
- Fix bug where Archive folder wasn't auto-created on login with create_default_folders=true
- Fix performance issue when parsing malformed and long Date header (#6087)
- Fix syntax error in mssql.initial.sql (#6097)
- Fix bug where contacts export by selection returned no more than 10 entries (#6103)
- Fix searching contacts by address in LDAP source (#6084)
- Fix X-Frame-Options:ALLOW-FROM support, remove custom click-jacking protection (#6057)
RELEASE 1.3.3
RELEASE 1.2.7
-------------
- Fix decoding of mailto: links with + character in HTML messages (#6020)
- Fix false reporting of failed upgrade in installto.sh (#6019)
- Fix file disclosure vulnerability caused by insufficient input validation [CVE-2017-16651] (#6026)
- Fix mangled non-ASCII characters in links in HTML messages (#6028)
RELEASE 1.3.2
-------------
- Fix bug where pink image was used instead of a thumbnail when image resize fails (#5933)
- Fix so files size/count limit is verified (client-side) also on drag-n-drop uploads (#5940)
- Fix invalid template loading on a message error in preview frame (#5941)
- Fix rewind(): stream does not support seeking (#5950)
- Fix bug where HTML messages could have been rendered empty on some systems (#5957)
- Fix wording of "Mark previewed messages as read" to "Mark messages as read" (#5952)
- Enigma: Fix decryption of messages encoded with non-ascii charset (#5962)
- Fix missing cursor in HTML editor on mail reply (#5969)
- Fix (again) bug where image data URIs in css style were treated as evil/remote in mail preview (#5580)
- Fix bug where mail search could return empty result on servers without SORT capability (#5973)
- Fix bug where assets_path wasn't added to some watermark frames
- Fix so untagged COPYUID responses are also supported according to RFC6851 (#5982)
- Fix issue caused by non-default session.cookie_lifetime setting (#5961)
- Fix Edge encoding bug when pasting text into the HTML editor, update to TinyMCE 4.5.8 (#5885)
- Fix handling of unknown Content-Disposition type (#6002)
- Fix truncated folder name on messages list in multi-folder mode, for folders with non-ascii characters (#6004)
- Fix bug where removing the last subfolder did not hide toggle button on its parent record (#6007)
- Fix bug where ghost messages could be added to the list after fast delete (#5941)
RELEASE 1.3.1
-------------
- Add Preferences > Mailbox View > Main Options > Layout (#5829)
- Password: Fix compatibility with PHP 7+ in cpanel_webmail driver (#5820)
- Managesieve: Fix parsing dot-staffed lines in multiline text (#5838)
- Managesieve: Fix AM/PM suffix in vacation time selectors
- Managesieve: Fix bug where 'exists' operator was reset to 'contains' (#5899)
- Remove non-printable characters from filenames on download/display (#5880)
- Fix decoding non-ascii attachment names from TNEF attachments (#5646, #5799)
- Fix uninitialized string offset in rcube_utils::bin2ascii() and make sure rcube_utils::random_bytes() result has always requested length (#5788)
- Fix bug where HTML messages with @media styles could moddify style of page body (#5811)
- Fix style issue on selected and unfocused message that is part of a thread (#5798)
- Fix bug where a.button style from managesieve plugin could impact other elements (#5800)
- Fix position of selected icon for (Mailvelope) Encrypt button
- Fix fatal error when using DMY- or MDY-based date format in PostgreSQL (#5808)
- Fix bug where errors were not printed when using bin/update.sh (#5834)
- Fix PHP 7.2 warnings on count() use (#5845)
- Fix bug where Chrome could not upload the same file that was selected before (#5854)
- Fix duplicate messages on the list after deleting messages on the next to the last page (#5862)
- Fix bug where messages count was not updated after delete when imap_cache is set (#5872)
- Fix potential XSS vulnerability with malformed HTML message markup
- Fix sending message with "Too many public recipients" dialog buttons (#5924)
- Bring back double-click behavior on the message list which was removed in 1.3.0 (#5823)
- Enigma: Fix decrypting an encrypted+signed message when signature verification fails (#5914)
- Managesieve: Fix parsing dot-staffed lines in multiline text (#5838, #5959)
- Fix file disclosure vulnerability caused by insufficient input validation [CVE-2017-16651] (#6026)
RELEASE 1.3.0
RELEASE 1.2.6
-------------
- Update to TinyMCE 4.5.7
- Fix bug where invalid recipients could be silently discarded (#5739)
- Fix conflict with _gid cookie of Google Analytics (#5748)
- Print error from CLI scripts when system/exec function is disabled (#5744)
- Don't ignore (global) userlogins/sendmail logging in per_user_logging mode
- Enigma: Fix compatibility with assets_dir
- Managesieve: Fix AM/PM suffix in vacation time selectors
- Fix bug where comment notation within style tag would cause the whole style to be ignored (#5747)
- Fix bug where it wasn't possible to scroll folders list in Edge (#5750)
- Fix folders list sorting on Windows - if php-intl is available (#5732)
- Fix addressbook searching by gender (#5757)
- Fix prevention from using % and * characters in folder name (#5762)
- Fix POST parameter reflection in default_charset selector (#5768)
- Enigma: Fix compatibility with assets_dir
- Managesieve: Skip redundant LISTSCRIPTS command
- Fix SQL syntax error on MariaDB 10.2 (#5774)
- Fix bug where zipdownload ignored files with the same name (#5777)
- Fix bug where it wasn't possible to set timezone to auto-detected value (#5782)
- Fix uninitialized string offset in rcube_utils::bin2ascii() and make sure rcube_utils::random_bytes() result has always requested length (#5788)
- Fix potential XSS vulnerability with malformed HTML message markup
RELEASE 1.3-rc
--------------
- "Flattened" the larry theme: fresher look by removing shadows and gradients
- Support logging to php://stdout (#5721)
- Add support for DelSp=Yes in format=flowed messages (#5702)
- Update to jQuery 3.2.1
- Update to TinyMCE 4.5.6
- Plugin API: Call message_part_structure hook for sub-parts of multipart/alternative message (#5678)
- Enigma: Always use detached signatures (#5624)
- Enigma: Fix handling of messages with nested PGP encrypted parts (#5634)
- Minimize unwanted message loading in preview frame on drag (#5616)
- Fix failing database schema check in all engines except mysql (#5730)
- Fix autocomplete popup closing with click outside the input, don't handle Tab key as Enter (#5606)
- Fix jsdeps.json synchronization on update, warn about missing requirements of install-jsdeps.sh (#5598)
- Fix missing thread expand icon on search result in widescreen mode (#5613)
- Fix bug where image data URIs in css style were treated as evil/remote in mail preview (#5580)
- Fix bug where external content in src attribute of input/video tags was not secured (#5583)
- Fix PHP error on update of a contact with multiple email addresses when using PHP 7.1 (#5587)
- Fix bug where mail content frame couldn't be reset in some corner cases (#5608)
- Fix bug where some classic skin images were not displayed in IE/Edge (#5614)
- Fix bug where signature couldn't be added above the quote in Firefox 51 (#5628)
- Fix regression where groups with email address were resolved to its members' addresses
- Fix update of group name in the contacts list header on group rename (#5648)
- Add rewrite rule to disable access to /vendor/bin folder in .htaccess (#5630)
- Fix bug where it was too easy accidentally move a folder when using the subscription checkbox (#5655)
- Managesieve: Fix parser issue with empty lines between comments (#5657)
- Managesieve: Fix possible defect in handling \r\n in scripts (#5685)
- Fix/rephrase "unsaved changes" warning when cancelling a draft (#5610)
- Fix XSS issue in handling of a style tag inside of an svg element [CVE-2017-6820]
- Fix bug where settings/upload.inc could not be used by plugins (#5694)
RELEASE 1.2.5
-------------
- Fix re-positioning of the fixed header of messages list in Chrome when using minimal mode toggle and About dialog (#5711)
- Fix so settings/upload.inc could not be used by plugins (#5694)
- Fix regression in LDAP fuzzy search where it always used prefix search instead (#5713)
- Fix bug where namespace prefix could not be truncated on folders list if show_real_foldernames=true (#5695)
- Fix undesired effects when postgres database uses different timezone than PHP host (#5708)
- Installer: Fix DB schema initialization on MS SQL Server
- Fix bug where base_dn setting was ignored inside group_filters (#5720)
- Password: Fix security issue in virtualmin and sasl drivers [CVE-2017-8114]
RELEASE 1.3-beta
----------------
- Nicely handle contact deletion on contact edit (#5522)
- vcard_attachments: Add possibility to attach contact vCard to composed message (#4997)
- Preserve message internal/received date on import in mbox format (#5559)
- Zipdownload: Fix date format in mbox "From line"
- Possibility to display QR code for contacts data (#5030)
- Added identicon plugin
- Widescreen layout aka three column view (#5093)
- Unify automatic marking as \Seen in preview pane, full-page and extwin views (#5071)
- Disable double-click on the list when preview pane is on (#5199)
- Support hostname and hostname:port in force_https option (#5511)
- Support ALLOW-FROM in x_frame_options (#5122)
- Allow to omit a subject when sending an email (#5068)
- Warn about too many disclosed recipients in composed email [max_disclosed_recipients] (#5132)
- identity_select: Support Received header (#5085)
- Plugin API: Added get_compose_responses hook (#5457)
- Display error when trying to upload more files than specified in max_file_uploads (#5483)
- Add missing sql upgrade file for 'ip' column resize in session table (#5465)
- Do not show inline images of unsupported mimetype (#5463)
- Password: Added replacement variables support in password_pop_host (#5539)
- Password: Don't store passwords in temp files when using dovecotpw (#5531)
- Password: Added LDAP PPolicy driver (#5364)
- Password: Added cpanel_webmail driver (#5549)
- Password: Added possibility to nicely redirect from other plugins on password expiration (#5468)
- Implement separate action to mark all messages in a folder as \Seen (#5006)
- Implement marking as \Seen in all folders or in a folder and its subfolders (#5076)
- Archive: Don't reload messages list when it's not needed (#5225)
- Archive: Add option to automatically mark archived messages as \Seen (#5142)
- Improve randomness of password salts and random hashes (#5266)
- Password/cPanel: Add support for hash authentication and reseller accounts (#5252)
- Support host-specific imap_conn_options/smtp_conn_options/managesieve_conn_options (#5136)
- Center and scale images in attachment preview frame (#5421)
- Added max_message_size option enforced when attaching files to a composed message (#4993)
- Added Search button in quick search menus (#5312)
- Implement "one click" attachment/messages/photo upload (#5024)
- Squirrelmail_usercopy: Add option to define character set of data files
- Removed useless 'created' column from 'session' table (#5389)
- Dropped legacy browsers support (#5167)
- Removed legacy_browser plugin
- Removed hacks for IE < 10
- Update to jQuery 3.1.1 and jQuery-UI 1.12.0
- compile .min.js files with ECMASCRIPT5 option
- Require PHP >= 5.4
- Add possibility to preview and download attachments in mail compose (#5053)
- Add possibility to rename attachments in mail compose (#4996)
- Remove backward compatibility "layer" of bc.php (#4902)
- Support WEBP images in mail messages (#5362)
- Support MathML in HTML message preview (#5182)
- Rename Addressbook to Contacts (#5233)
- Remove PHP mail() support, smtp_server is required now (#5340)
- Display full message subject in onmouseover on truncated subject in mail view (#5346)
- Enigma: Support GnuPG 2.1 (#5313)
- Enigma: Support key generation for multiple identities (#5383)
- Enigma: Import keys from key-server(s) (#5286)
- Enigma: Search missing public keys on a key-server in mail compose (#5286)
- Enigma: Delete user keys when using deluser.sh script
- Enigma: Fix redundant list-secret-keys/list-public-keys calls on signing/encryption
- Enigma: Implement PGP encryption and signing in one go (#5302)
- Enigma: Display signature verification status for encrypted+signed messages (#5302)
- Display different attachment icon on encrypted messages
- Display different confirmation text when moving messages to Trash (#5220)
- Indicate that a collapsed thread has flagged children (#5013)
- Implemented message/rfc822 attachment preview
- Update to jsTimezoneDetect 1.0.6
- Managesieve: Add (optional) RAW script editor (#5414)
- Managesieve: Add option to automatically set vacation :from address (#5428)
- Managesieve: Support 'string' test from variables extension [RFC 5229] (#5248)
- Managesieve: Support 'duplicate' extension [RFC 7352]
- Managesieve: Unhide advanced rule controls if there are inputs with errors
- Managesieve: Display warning message when filter form contains errors
- Control search engine crawlers via X-Robots-Tag header instead of <meta> and robots.txt (#5098)
- Fixed redundancy in sql caching system and compatibility with Galera Cluster (#5439)
- Removed redundant 'created' column from cache and cache_shared tables
- Removed use of redundant data records
- Added missing primary keys (dictionary, cache, cache_shared tables)
- Fix so templating system does not mess with external (e.g. email) content (#5499)
- Fix redundant keep-alive/refresh after session error on compose page (#5500)
RELEASE 1.2.4
-------------
- Managesieve: Fix handling of scripts with nested rules (#5540)
- Fix variable substitution in ldap host for some use-cases, e.g. new_user_identity (#5544)
- Managesieve: Fix parser issue with empty lines between comments (#5657)
- Managesieve: Fix possible defect in handling \r\n in scripts (#5685)
- Enigma: Fix handling of messages with nested PGP encrypted parts (#5634)
- Enigma: Fix PHP fatal error when decrypting a message with invalid signature (#5555)
- Enigma: Fix missing require statement for Crypt_GPG_KeyGenerator (#5641)
- Fix variable substitution in ldap host for some use-cases, e.g. new_user_identity (#5544)
- Fix adding images to new identity signatures
- Fix rsync error handling in installto.sh script (#5562)
- Fix some advanced search issues with multiple addressbooks (#5572)
- Fix so group/addressbook selection is retained on page refresh
- Fix bug where image data URIs in css style were treated as evil/remote in mail preview (#5580)
- Fix bug where external content in src attribute of input/video tags was not secured (#5583)
- Fix PHP error on update of a contact with multiple email addresses when using PHP 7.1 (#5587)
- Fix bug where mail content frame couldn't be reset in some corner cases (#5608)
- Fix bug where some classic skin images were not displayed in IE/Edge (#5614)
- Fix bug where signature couldn't be added above the quote in Firefox 51 (#5628)
- Fix regression where groups with email address were resolved to its members' addresses
- Fix update of group name in the contacts list header on group rename (#5648)
- Add rewrite rule to disable access to /vendor/bin folder in .htaccess (#5630)
- Fix bug where it was too easy accidentally move a folder when using the subscription checkbox (#5655)
- Fix XSS issue in handling of a style tag inside of an svg element (CVE-2017-6820)
RELEASE 1.2.3
-------------
@ -802,7 +180,7 @@ RELEASE 1.2-rc
- Fix .htaccess rewrite rules to not block .well-known URIs (#4943)
- Fix mail view scaling on iOS (#4915)
- Fix PHP7 warning "session_start(): Session callback expects true/false return value" (#4948)
- Fix XSS issue in SVG images handling [CVE-2015-8864, CVE-2016-4068] (#4949)
- Fix XSS issue in SVG images handling (#4949)
- Fix missing language name in "Add to Dictionary" request in HTML mode (#4951)
- Fix (again) security issue in DBMail driver of password plugin [CVE-2015-2181] (#4958)
- Fix bug where Archive/Junk buttons were not active after page jump with select=all mode (#4961)
@ -811,7 +189,7 @@ RELEASE 1.2-rc
- Fix additional_message_headers plugin compatibility with Mail_Mime >= 1.9 (#4966)
- Hide DSN option in Preferences when smtp_server is not used (#4967)
- Fix handling of body parameter in mail compose request
- Protect download urls against CSRF using unique request tokens [CVE-2016-4069] (#4957)
- Protect download urls against CSRF using unique request tokens (#4957)
- newmail_notifier: Refactor desktop notifications
- Fix so contactlist_fields option can be set via config file
- Fix so SPECIAL-USE assignments are forced only until user sets special folders (#4782)
@ -961,7 +339,7 @@ RELEASE 1.1.1
- Fix fatal errors on systems without mbstring extension or mb_regex_encoding() function (#4769)
- Fix cursor position on reply below the quote in HTML mode (#4759)
- Fix so "over quota" errors are displayed also in message compose page
- Fix duplicate entries supp ression in autocomplete result (#4776)
- Fix duplicate entries supression in autocomplete result (#4776)
- Fix "Non-static method PEAR::isError() should not be called statically" errors (#4770)
- Fix parsing invalid HTML messages with BOM after <!DOCTYPE> (#4777)
- Fix duplicate entry on timezones list in rcube_config::timezone_name_from_abbr() (#4779)
@ -1034,7 +412,7 @@ RELEASE 1.1-beta
- Fix restoring draft messages from localStorage if editor mode differs (#4631)
- Added config option/user preference to disable saving messages in localStorage (#4606)
- Added config option 'imap_log_session' to enable Roundcube <-> IMAP session ID logging
- Added config option 'log_session_id' to control the lengt h of the session identifi er in logs
- Added config option 'log_session_id' to control the lengh of the session identifer in logs
- Implemented 'storage_connected' API hook after successful IMAP login (#4638)
- Intergrate Net_LDAP3 and rcube_ldap_generic classes
- Add option (disabled_actions) to disable UI elements/actions (#4478)
@ -1347,7 +725,7 @@ RELEASE 0.9.4
- Make identities matching case insensitive (#1881)
- Fix issue where too big message data was stored in cache causing sql errors (#4325)
- Fix iframe scrollbars on webkit desktop browsers (#4319)
- Fix issue where legacy config was overridd en by default config (#4305)
- Fix issue where legacy config was overriden by default config (#4305)
- Fix newmail_notifier issue where favicon wasn't changed back to default (#4324)
- Fix setting of Junk and NonJunk flags by markasjunk plugin (#4303)
- Fix lack of Reply-To address in header of forwarded message body (#4314)
@ -1431,7 +809,7 @@ RELEASE 0.9.1
- Fix so Sender: address is added to Cc: field on reply to all (#4140)
- Fix so addressbook_search_mode works also for group search (#4183)
- Fix removal of a contact from a group in LDAP addressbook (#4185)
- Inc lude SQL query in the log on SQL error (#4172)
- Inlc ude SQL query in the log on SQL error (#4172)
- Fix handling untagged responses in IMAP FETCH - "could not load message" error (#4180)
- Fix very small window size in Chrome (#4087)
- Fix list page reset when viewing a message in Larry skin (#4182)
@ -1718,7 +1096,7 @@ RELEASE 0.8-rc
- Add IE8 hack for messages list issue (#3317)
- Fix handling errors on draft auto-save
- Fix importing vCard photo with ENCODING param specified (#3746)
- Support mul tiple name/email pairs for Bcc and Reply-To identity settings (#3752)
- Support mutl iple name/email pairs for Bcc and Reply-To identity settings (#3752)
- Set flexible width to login form fields (#3735)
- Fix re-draw bug on list columns change in IE8 (#3318)
- Allow mass-removal of addresses from a group (#3259)
@ -2214,7 +1592,7 @@ RELEASE 0.4.1
RELEASE 0.4
-----------
- Fix disapp earing upload form disap pears when user selects a file on Safari (#2917)
- Fix disapearing upload form disapears when user selects a file on Safari (#2917)
- Don't replace error messages with loading info (#2534)
- Fix JS errors on compose mode switch (#2952)
- Fix message structure parsing when it lacks optional fields (#2960)
@ -2877,7 +2255,7 @@ RELEASE 0.1-RC2
- Improve message compose screen (closes #1060)
- Select next row after removing one from list (#1063)
- Make smtp HELO/EHLO hostname configurable (#851)
- IPv6 Compati bility (#1023), Patch #1484373
- IPv6 Compata bility (#1023), Patch #1484373
- Unlock interface when message sending fails (#1188)
- Eval PHP code in template includes (if configured)
- Show message when folder is empty. Mo more static text in table (#1068)
@ -2983,7 +2361,7 @@ RELEASE 0.1-RC1
- Corrected date string in sent message header (closes #887)
- Correclty choose "To" column in sent and draft mailboxes (closes #769)
- Changed srong tooltips for message browse buttons (closes #757)
- Fixed signature delimi ter character to be standard (Bug #830)
- Fixed signature delime ter character to be standard (Bug #830)
- Fixed XSS vulnerability (Bug #877)
- Remove newlines from mail headers (Bug #827)
- Selection issues when moving/deleting (Bug #837)