Mirrors/roundcubemail
2
0
Fork 0
mirror of https://github.com/roundcube/roundcubemail.git synced 2026-03-04 07:14:02 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,570 Commits 72 Branches 205 Tags
master
Commit Graph

13 Commits

Author SHA1 Message Date
Aleksander Machniak
8dac75abbd Fix CSS injection vulnerability reported by CERT Polska 2026-02-08 09:24:29 +01:00
Aleksander Machniak
42794a40aa Support request_url config option for resolving relative URLs (#9868) 2026-01-01 15:14:18 +01:00
Aleksander Machniak
7a3843f9b7 Support X-Forwarded-Host/X-Forwarded-Port in self URLs generation (#9952) 2026-01-01 12:57:02 +01:00
Aleksander Machniak
dc4ffea1d0 CS fix 2025-12-14 09:15:49 +01:00
Aleksander Machniak
7c3267b9b0 Fix Information Disclosure vulnerability in the HTML style sanitizer 
reported by somerandomdev
 2025-12-14 09:02:25 +01:00
Aleksander Machniak
a0d0f5e72e Fix parsing of inline styles that aren't well-formatted (#9948) 2025-08-03 11:28:53 +02:00
Pablo Zmdl
c069be5897 Validate URL parameter in upload code (#9865) 2025-06-01 09:17:23 +02:00
Aleksander Machniak
c396e79aae - Fix connecting to LDAP using ldapi:// URI (#8990) 2025-05-25 09:40:50 +02:00
Aleksander Machniak
94fd5a0f80 CS fixes (for the new fixer version rules) 2025-02-23 11:51:27 +01:00
Aleksander Machniak
c99dcacddb - Fix information leak (access to remote content) via insufficient CSS filtering [CVE-2024-42010] 
Credits to Oskar Zeino-Mahmalat (https://www.sonarsource.com)
 2024-08-04 10:27:18 +02:00
Michael Voříšek
6377477eb2 Add PHPUnit 10.x and 11.x support (#9480) 
* Add PHPUnit 10.x and 11.x support

* fix undefined TestCase::getName() for PHPUnit 10+

* Add PHPUnit attributes but keep annotations
 2024-06-13 18:40:29 +02:00
Michael Voříšek
f4272804d6 Rename test files for PHPUnit 10+ (#9477) 2024-06-05 07:46:51 +02:00
Michael Voříšek
736795326c Fix plugins composer.json format (#9405) 
* Check plugins composer.json using CI

* Add "require-dev" and "config.allow-plugins" to plugins

* fix composer.json format - rm invalid email

* fix composer.json format - fix ext require

* fix composer.json format - fix plugin name

* tmp

* Revert "tmp"

* fix ext in ext install

* disable plugin in plugin install until Roundcube is fully autoloadable

* fix composer.json format - fix non-canonical license name

* Revert "Add "require-dev" and "config.allow-plugins" to plugins"

* no composer install for plugins needed

* Revert "fix ext in ext install"

* add standard "Test" suffix to phpunit files

* rm unneeded "suffix" in phpunit config

* simplify phpunit config

* fix default "xhtml" doctype in unit testing

* fix test_format_date test to not rely on other tests

* even more phpunit config simplify

* stricter/unify phpunit params for E2E tests

* run E2E tests on maximal php version too with lowest deps

* "repositories" in bundled plugins are useless as for root package only

* add/unify missing plugin test
 2024-04-05 17:55:46 +02:00