This is not optimal handling, but the most appropriate one as long as we don't actually support groups in
addresss-lists. This way users can at least see the group's display-name. And we don't strip text that might be relevant
to spot abusive emails.
Previously group-names were just removed, which makes it harder to spot such abusive emails.
* fix: Sanitize filename on download
* fix: filename encoding in the Content-Disposition header
This improves the handling of the filename* parameter in the Content-Disposition header. Now, the filename* parameter is only used when it differs from the fallback filename
* tests: Add test for the filename* parameter in Content-Disposition
* Allow to inject composer arguments into testing scripts
* Run unit tests with PHP v8.5, too
* Run browser tests with PHP 8.5, too
* Depend on php-cs-fixer v3.8, which supports PHP v8.4
* Run code style checks in CI on PHP v8.4
* Check for vars being set and not null before using them as array keys
* Use generic tag name in container image build script
The script is meant for locally building images (the CI workflow runs
other code), so we now use localhost/ as namespace.
* Check that variable is usable before using it as array key
This includes proper type declarations for the method arguments and its return value.
* Ensure that the input to chr() is between 0 and 255.
* Require guzzle v7.10.0, which supports PHP 8.5
* Update phpunit a little to decide when to fail on deprecations
PHPUnit 10.5.47 and later know the flag `--do-not-fail-on-deprecation`, which allows us to make it not exit with code 1
in case of deprecations on the second run of the script. That second run uses the lowest valid dependencies, which might
contain deprecations when used with newer versions of PHP, but still are acceptable versions, and should not make our
tests fail.
* Run message rendering tests with PHP v8.4 and v8.5, too
* Check explicitly for null-ness
0 would be a valid value here.
* Replace chr() by mb_chr() and remove the workaround
This implements rendering mime-types with content-type 'text/markdown'
and 'text/x-markdown' into HTML in the preview and show views (if not
"dispositioned" as "attachment"), but not in the get view for attached
files (the one opening attachments in an external window.)
* Check if "inline" msg part is actually referred to
If there's no reference to it in a sibling HTML part then we handle it
as a classic attachment (which is shown as downloadable).
* Fetch all msg headers also for images to always get Content-Location
Previously all headers were only fetched for message/rfc822, or
if the Content-Type's "name" parameter was set, or if a Content-ID was
set.
The RFC doesn't require neither the "name" parameter nor a Content-ID
for using Content-Location, though, so we shouldn't depend on those.
Instead now all headers are also fetched if the main part of the
Content-Type is "image", to catch more cases.
* Parse HTML for references only on demand
* Typos and comment formatting
* Don't skip test anymore
We want it tested!
* More MR tests with images
* Remove early special handling for "inline" images
We decide later, which attachment is considered "inline" and which
isn't.
* Remove early resolving of references in TNEF parts
* Testing message rendering of TNEF emails
* Don't use image disposition, it's unreliable
* Split adding raw parts and attachments
* Fix renaming variable
* Rename file to make its test be run
* Remove outdated script
* Annotate test cases with GitHub issue numbers
* Fix test case class name
* remove comment
* Test inline image message rendering
* Rename test file to reflect cases better
* Reduce image used in test email
It doesn't change much, but there's also no sense in decoding big images
that we don't use.
* Remove unused variable initialisation
