This moves the warning icon that is triggered by the homograph check from the generic "notification area" (between
headers and body) to the header area, before the address that the warning is referring to.
The previous warning left it unclear which address was found to be problematic, which now is obvious.
Additionally there's now a test to check for these warnings to show up in the DOM.
Previously the display-name was stripped, but we should rather show it
so people can judge themselves. We insert a
warning icon with a help text to draw the attention to it.
This is not optimal handling, but the most appropriate one as long as we don't actually support groups in
addresss-lists. This way users can at least see the group's display-name. And we don't strip text that might be relevant
to spot abusive emails.
Previously group-names were just removed, which makes it harder to spot such abusive emails.
* fix: Sanitize filename on download
* fix: filename encoding in the Content-Disposition header
This improves the handling of the filename* parameter in the Content-Disposition header. Now, the filename* parameter is only used when it differs from the fallback filename
* tests: Add test for the filename* parameter in Content-Disposition
* Allow to inject composer arguments into testing scripts
* Run unit tests with PHP v8.5, too
* Run browser tests with PHP 8.5, too
* Depend on php-cs-fixer v3.8, which supports PHP v8.4
* Run code style checks in CI on PHP v8.4
* Check for vars being set and not null before using them as array keys
* Use generic tag name in container image build script
The script is meant for locally building images (the CI workflow runs
other code), so we now use localhost/ as namespace.
* Check that variable is usable before using it as array key
This includes proper type declarations for the method arguments and its return value.
* Ensure that the input to chr() is between 0 and 255.
* Require guzzle v7.10.0, which supports PHP 8.5
* Update phpunit a little to decide when to fail on deprecations
PHPUnit 10.5.47 and later know the flag `--do-not-fail-on-deprecation`, which allows us to make it not exit with code 1
in case of deprecations on the second run of the script. That second run uses the lowest valid dependencies, which might
contain deprecations when used with newer versions of PHP, but still are acceptable versions, and should not make our
tests fail.
* Run message rendering tests with PHP v8.4 and v8.5, too
* Check explicitly for null-ness
0 would be a valid value here.
* Replace chr() by mb_chr() and remove the workaround
This implements rendering mime-types with content-type 'text/markdown'
and 'text/x-markdown' into HTML in the preview and show views (if not
"dispositioned" as "attachment"), but not in the get view for attached
files (the one opening attachments in an external window.)
