Mirrors/roundcubemail
2
0
Fork 0
mirror of https://github.com/roundcube/roundcubemail.git synced 2026-03-03 06:44:03 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,471 Commits 72 Branches 205 Tags
compose-args-optional
Commit Graph

211 Commits

Author SHA1 Message Date
Aleksander Machniak
3139bff247 CS-Fixer: Enable modernize_strpos 2025-08-15 13:20:24 +02:00
Michael Voříšek
026eb8c801 Enforce leading backslash for non-namespaced non-Roundcube uses (#9935) 2025-08-15 10:27:00 +02:00
Philip Weir
b9d4fdfadf Use htmleditor config for indentity signature (#9954) 2025-08-10 10:50:42 +02:00
Philip Weir
18345fca73 Use asset_url() instead of get_skin_file() for deleteicon on contact edit form (#9933) 2025-07-26 16:07:56 +02:00
Aleksander Machniak
060fc95672 PHP 8.5 compat. fixes 2025-07-13 13:17:30 +02:00
Pablo Zmdl
5cab1c5b1d Render text/markdown mimeparts as HTML (#9899) 
This implements rendering mime-types with content-type 'text/markdown'
and 'text/x-markdown' into HTML in the preview and show views (if not
"dispositioned" as "attachment"), but not in the get view for attached
files (the one opening attachments in an external window.)
 2025-06-19 17:01:09 +02:00
0xsysr3ll
709a890306 Ensure proper HTTP status codes for error responses (#9886) 2025-06-15 08:43:06 +02:00
Philip Weir
946ba021b8 Add keep_formatting_default setting (#9892) 2025-06-15 08:01:06 +02:00
Pablo Zmdl
c069be5897 Validate URL parameter in upload code (#9865) 2025-06-01 09:17:23 +02:00
Aleksander Machniak
f7d8852d17 Use str_starts_with() where applicable 2025-03-30 11:32:38 +02:00
Philip Weir
e37709c5e8 Add enable_autolink option for HTML editor (#9818, #9762) 2025-03-24 18:24:46 +01:00
Aleksander Machniak
94fd5a0f80 CS fixes (for the new fixer version rules) 2025-02-23 11:51:27 +01:00
Pablo Zmdl
6d51c21931 Exit through sendExit() (#9784) 
That way it's testable.
 2025-02-19 17:55:04 +01:00
Philip Weir
ccede1f272 Update links in comments and config to https where available (#9759) 2025-01-26 13:34:57 +01:00
Pablo Zmdl
46d25161dc Test message rendering (#9460) 2024-12-19 19:01:25 +01:00
PhilW
b5047f71a5 remove pointless variable 2024-11-20 19:16:19 +00:00
PhilW
85bcfe644a small improvement to invalid vcard logging 2024-11-20 19:16:19 +00:00
PhilW
178c4c13e1 add invalid and error details to vcard import report 2024-11-20 19:16:19 +00:00
Michael Voříšek
efcdce84ba Keep phpstan strict rules testing (#9424) 
* Revert "Get rid of phpstan/phpstan-strict-rules"

This reverts commit ff59ade31a.

* drop phpstan baseline

* fix foreach phpstan issue

* adjust for rebase

* fix method call case

* ignore one phpstan error even after isset
 2024-11-20 08:13:16 +01:00
Stefan
3cff118366 Remove year numbers in user visible places (#9603) 
To not have to update it every year or getting it wrong as in 1.6.8 I proposed to use the server year as copyright end year. During pull request, @alecpl suggested siply removing the years alltogether as they don't provide much value.

Co-authored-by: stefan-muc <roundcube-git_24@green-sparklet.de>
 2024-09-18 13:51:22 +02:00
Pablo Zmdl
6b64eabd69 Merge pull request #9606 from johndoh/vcard_import2 
compare both email and name before skipping vcard import
 2024-09-12 15:09:41 +02:00
Aleksander Machniak
e36dd3a500 Fix PHP warning (#9611) 2024-09-07 08:52:52 +02:00
Aleksander Machniak
7371c815d1 Fix displaying an authorization error message (if error_description is empty) 2024-09-04 15:30:25 +02:00
PhilW
9e5a18e390 compare both email and name before skipping vcard import 2024-08-25 11:23:29 +01:00
Aleksander Machniak
ae1d028b89 Silence the new phpstan error 2024-08-21 11:11:33 +02:00
Aleksander Machniak
78cc630987 - Fix XSS vulnerability in serving of attachments other than HTML or SVG [CVE-2024-42008] 
Credits to Oskar Zeino-Mahmalat (https://www.sonarsource.com)
 2024-08-04 10:26:40 +02:00
Aleksander Machniak
40a4a71b67 Fix XSS vulnerability in post-processing of sanitized HTML content [CVE-2024-42009] 
Credits to Oskar Zeino-Mahmalat (https://www.sonarsource.com)
 2024-08-04 10:25:49 +02:00
Aleksander Machniak
7b68ad13c2 Fix bug where "with attachment" filter could fail on some fts engines (#9514) 2024-07-21 13:54:56 +02:00
Pablo Zmdl
8f9f1f12cd Filter "real" attachments by being referenced (#9472) 
* Filter "real" attachments by being referenced

This changes the way in which attachments are determined to be shown as
such ("standalone"), or not ("inline").
In theory this should be determined by their Content-Disposition, but in
reality this often doesn't work.
Now we check if the Content-ID or Content-Location of the attachment is
actually being used in other parts of the message. If not, the
attachment is considered to be "standalone".

* Consider all mime-parts to check if message is empty

Previously only `parts` and `body` were checked, so mime-parts that were
classified into `attachments` and `inline_parts` didn't count – thus
messages that contained only those parts were shown blank.
 2024-07-21 13:12:57 +02:00
Aleksander Machniak
8653e4726a Make phpstan happy 2024-07-17 20:51:21 +02:00
Aleksander Machniak
a8218b1eeb Fix bug where some messages could get malformed in an import from a MBOX file (#9510) 2024-07-17 20:34:55 +02:00
Pablo Zmdl
3c7a28f657 Shortcut to authorize current domain for Mailvelope (#9500) 
This facilitates using Mailvelope (properly, i.e. with API-access) a
lot, because people don't have to manually add their domain into
Mailvelope's options but just click a button.
 2024-07-08 18:39:38 +02:00
Michael Voříšek
6a5f9ee7ce Add override method attributes (#9272) 2024-06-02 15:57:56 +02:00
Philip Weir
31a19aa0a7 Contacts: add more gender options (#9430) 
* contacts: add more gender options
* add label for other gender
 2024-06-01 09:27:30 +02:00
Aleksander Machniak
9ca8aa6680 Fix cross-site scripting (XSS) vulnerability in handling list columns from user preferences 
Reported by Huy Nguyễn Phạm Nhật.
 2024-05-19 10:15:30 +02:00
Aleksander Machniak
cfd108399e Simplify use of rcube::raise_error() 2024-05-17 15:43:17 +02:00
Philip Weir
0c0f9fe8cf Add skin info to about dialog (#9441) 2024-05-16 16:53:27 +02:00
Michael Voříšek
a30e0ad438 Infer file/line location in rcube::raise_error() from backtrace (#9422) 
* \n\s+'file' => __FILE__,

* \n\s+'line' => __LINE__,

* 'line' => __LINE__, 'file' => __FILE__,

* 'file' => __FILE__, 'line' => __LINE__,

* rest

* more

* improve cs

* more cs

* revert rcube_utils::preg_error changes

* impl file/line from backtrace

* Revert "revert rcube_utils::preg_error changes"
 2024-04-21 11:48:35 +02:00
Aleksander Machniak
ff59ade31a Get rid of phpstan/phpstan-strict-rules 2024-04-21 11:33:51 +02:00
Aleksander Machniak
c7af820d3e Use draft settings (like DSN) on "Edit as new" (#9349) 2024-04-14 10:11:12 +02:00
Michael Voříšek
1e360999b2 Use composer autoloader for bundled plugins testing (#9412) 
* use fixed "roundcube/plugin-installer"

* Use composer autoloader for plugins testing

* cherrypick remaining from 9241 related with testing

* minor legacy autoload improvements
 2024-04-11 18:28:46 +02:00
Aleksander Machniak
e086c2c97c Code improvements 2024-04-07 09:20:52 +02:00
Aleksander Machniak
5c603344fe Code improvements 2024-04-01 11:50:56 +02:00
Aleksander Machniak
ec4e4a0028 Fix tests 2024-03-30 15:14:38 +01:00
Aleksander Machniak
8adb052d35 Code improvements, PHPDoc fixes 2024-03-30 14:17:34 +01:00
Aleksander Machniak
58d28297a3 Code improvements, PHPDoc fixes 2024-03-29 16:18:20 +01:00
Aleksander Machniak
8133acba68 Code improvements (and fixes to recent commits) 2024-03-24 12:06:39 +01:00
Aleksander Machniak
a1f39f47b7 Fix phpstan errors 2024-02-10 19:20:04 +01:00
Aleksander Machniak
966274d835 Fix phpstan errors 2024-02-09 21:11:50 +01:00
Michael Voříšek
332c165d28 Fix some basic JS CS (#9328) 
* fix "nonblock-statement-body-position" (fixed already)

* fix "comma-dangle"

* fix "no-regex-spaces"

* fix "new-parens"

* fix "object-curly-newline"

* fix "object-property-newline"

* fix "spaced-comment" semimanually

* fix "no-constant-condition" manually

* fix "unicorn/no-hex-escape"

* fix "unicorn/escape-case"

* fix "quote-props"

* fix "no-whitespace-before-property" - fix bug/typo

* fix "unicorn/empty-brace-spaces"

* fix "keyword-spacing"

* fix "dot-notation"

* fix "no-return-assign" manually

* fix "padding-line-between-statements"

* fix "key-spacing"

* fix "no-else-return" semimanually

* fix some "no-undef"

* fix case cs

* Revert "fix "padding-line-between-statements""

* improve switch/case format I.

* improve switch/case format II.

regex: (^ *(break|return).*)\n *(\n)

* fix safe "eqeqeq"

* fix "radix"

* fix v3.49.0 CS (static providers)

* fix "string_implicit_backslashes" in php files

* fix comments align

* fix test static providers

* fix stan

* disable "final_internal_class" rule
 2024-02-06 08:28:19 +01:00