Pablo Zmdl
46d25161dc
Test message rendering ( #9460 )
2024-12-19 19:01:25 +01:00
Aleksander Machniak
ae1d028b89
Silence the new phpstan error
2024-08-21 11:11:33 +02:00
Aleksander Machniak
40a4a71b67
Fix XSS vulnerability in post-processing of sanitized HTML content [CVE-2024-42009]
...
Credits to Oskar Zeino-Mahmalat (https://www.sonarsource.com )
2024-08-04 10:25:49 +02:00
Pablo Zmdl
8f9f1f12cd
Filter "real" attachments by being referenced ( #9472 )
...
* Filter "real" attachments by being referenced
This changes the way in which attachments are determined to be shown as
such ("standalone"), or not ("inline").
In theory this should be determined by their Content-Disposition, but in
reality this often doesn't work.
Now we check if the Content-ID or Content-Location of the attachment is
actually being used in other parts of the message. If not, the
attachment is considered to be "standalone".
* Consider all mime-parts to check if message is empty
Previously only `parts` and `body` were checked, so mime-parts that were
classified into `attachments` and `inline_parts` didn't count – thus
messages that contained only those parts were shown blank.
2024-07-21 13:12:57 +02:00
Michael Voříšek
6a5f9ee7ce
Add override method attributes ( #9272 )
2024-06-02 15:57:56 +02:00
Aleksander Machniak
e086c2c97c
Code improvements
2024-04-07 09:20:52 +02:00
Aleksander Machniak
a1f39f47b7
Fix phpstan errors
2024-02-10 19:20:04 +01:00
Michael Voříšek
d18406a8bd
Fix binary operator spaces CS ( #9330 )
...
* align_single_space_minimal for assign
* assign operators grouping is not supported by PHP CS Fixer
* binary_operator_spaces = single_space
* fix anonymous function on single line
* align comments manually
2024-02-02 07:53:34 +01:00
Michael Voříšek
ff2d721680
Fix more CS whitespace ( #9318 )
...
* fix "no_useless_else" manually
* fix some "blank_line_before_statement"
* two manual changes
* Revert "fix some "blank_line_before_statement""
This reverts commit 2cc857c00e .
* fix some "blank_line_before_statement" using patched fixer (after "}" only)
* fix continue/break too
2024-01-25 19:17:29 +01:00
Michael Voříšek
4ee79b9e84
fix "explicit_string_variable" ( #9315 )
2024-01-22 08:05:59 +01:00
Michael Voříšek
6a53a1d853
Fix CS (whitespace, visibility) ( #9297 )
...
* Fix "method_argument_space"
* Fix "control_structure_continuation_position"
* Fix "new_with_parentheses"
* Fix "blank_line_before_statement"
* Fix "visibility_required"
* Fix some "array_indentation"
* Fix some "array_indentation" - unify all "rcube::raise_error" calls
* rm useless eslint ignores and add rules counts
* sort eslint ignores
* fix eslint ignores grammar
* Revert "Fix "blank_line_before_statement""
* fix CS 3.46.0
2024-01-04 14:26:35 +01:00
Michael Voříšek
2643be3eaa
Fix single quotes CS ( #9283 )
...
* Fix "single_quote"
* fix "escape_implicit_backslashes"
* fix typo from f363481c
* fix single quotes in JS
* fix some minor JS CS
* fix CS v3.45.0
2023-12-31 16:36:55 +01:00
Michael Voříšek
28c778b7a0
Modernize more CS III ( #9270 )
...
* fix "single_trait_insert_per_statement"
* fix "empty_loop_condition"
* fix "backtick_to_shell_exec"
* fix "phpdoc_to_comment"
* fix "no_empty_statement"
* fix "heredoc_to_nowdoc"
* fix "class_reference_name_casing"
* fix "align_multiline_comment"
* fix "heredoc_indentation"
* fix "constant_case"
* fix "single_line_comment_style"
* fix "no_null_property_initialization"
* fix "standardize_increment"
* fix "no_unneeded_control_parentheses"
* fix missing NL after "<?php"
* fix php in *.sh files too
* fix trailing spaces from all text files
* fix "explicit_indirect_variable"
* Revert "fix "align_multiline_comment""
This reverts commit 42e584f8e3 .
* fix "align_multiline_comment" properly
* Revert "fix trailing spaces from all text files" - diff files only
* Revert "Revert "fix trailing spaces from all text files" - diff files only"
This reverts commit 2101c2a3a3 .
* rm useless "setup-php" config
2023-12-18 07:46:51 +01:00
Michael Voříšek
e7d7e62146
Modernize more basic CS II ( #9254 )
...
* fix "integer_literal_case"
* fix "phpdoc_separation"
* fix "phpdoc_var_without_name"
* fix "operator_linebreak"
* fix "no_alias_language_construct_call"
* fix "list_syntax"
* fix "concat_space"
* fix "array_syntax"
* fix "binary_operator_spaces"
* fix "binary_operator_spaces" relaxed
* fix "phpdoc_types_order"
* fix "phpdoc_trim"
* fix "native_type_declaration_casing"
* fix "method_chaining_indentation"
* fix "phpdoc_no_package"
* fix "elseif"
* fix PHP CS Fixer config itself too
* fix "native_type_declaration_casing"
2023-12-17 13:14:45 +01:00
Michael Voříšek
ca8b17d191
Modernize more basic CS ( #9258 )
...
* fix "yoda_style"
* fix "is_null"
* rm useless rule ignores
* add full "PhpCsFixer:risky" ruleset
* fix "implode_call"
* fix "no_alias_functions"
* fix "array_push"
* fix "long_to_shorthand_operator"
* fix "ternary_to_elvis_operator"
* fix "logical_operators"
* fix "fopen_flags"
* rename "returns" phpdoc tags to "return"
* fix "php_unit_construct"
* fix "function_to_constant"
* fix "php_unit_data_provider_return_type"
* fix "php_unit_set_up_tear_down_visibility"
* some safe "string_length_to_empty"
* fix "phpdoc_align"
* fix "phpdoc_no_alias_tag"
* fix "trailing_comma_in_multiline"
---------
Co-authored-by: Aleksander Machniak <alec@alec.pl >
2023-12-17 09:51:11 +01:00
Michael Voříšek
a8707ae220
Fix and assert basic CS using CI ( #9246 )
...
* Assert CS using CI
* fix "single_blank_line_at_eof"
* fix "statement_indentation"
* fix "switch_case_semicolon_to_colon"
* fix "control_structure_braces"
* fix "statement_indentation"
* fix "no_whitespace_in_blank_line"
* fix "no_trailing_whitespace_in_comment"
* fix "no_trailing_whitespace"
* fix "single_space_around_construct"
* fix "spaces_inside_parentheses"
* fix "ternary_operator_spaces"
* fix "trim_array_spaces"
* fix "whitespace_after_comma_in_array"
* fix "cast_spaces"
* fix "unary_operator_spaces"
* fix "no_trailing_comma_in_singleline"
* fix "ordered_imports"
* fix "no_unused_imports"
* Check composer.json format
* fix CI job name
* file header comments are not phpdoc
* fix "phpdoc_indent"
* fix "braces_position"
* fix "phpdoc_types"
* fix "no_blank_lines_after_class_opening"
* fix "no_multiple_statements_per_line"
* fix "multiline_comment_opening_closing"
* fix "single_line_empty_body"
* fix "non_printable_character"
* fix "phpdoc_trim_consecutive_blank_line_separation"
* fix "include"
* fix "no_mixed_echo_print"
---------
Co-authored-by: Aleksander Machniak <alec@alec.pl >
2023-12-16 15:37:43 +01:00
Aleksander Machniak
5723849978
Remove 'alt' attribute for contact photo images
...
Loading a contact photo may take a while, displaying the alt text looks ugly
and is redundant.
2023-06-04 10:29:14 +02:00
Camilo Sperberg
02cdea4e4b
Fix most common warnings RoundCube 1.6.1 ( #8901 )
2023-03-04 11:41:51 +01:00
Aleksander Machniak
fd4fb61d8c
Fix regression where clicking on attachment would open and download the file
2022-08-28 11:56:04 +02:00
Aleksander Machniak
8c487d9b56
Fix duplicate Reply-To header in mail preview
...
If there's Mail-Reply-To and Reply-To with the same value.
Also cleanup some code.
2022-08-14 10:30:02 +02:00
Aleksander Machniak
e247209280
Fix various PHP 8.1 warnings ( #8584 )
2022-06-25 08:33:03 +02:00
Aleksander Machniak
a2aa107f1a
Don't list images attached to multipart/related part as attachments ( #7184 )
2022-04-10 10:11:56 +02:00
Aleksander Machniak
61b334f6b1
Fix bug with show_images setting where option 1 and 3 were swapped ( #8268 )
2021-10-29 12:48:07 +02:00
Aleksander Machniak
a14098ac81
Fix bug where adding a contact to trusted senders via "Always allow from..." button didn't work ( #8264 , #8268 )
...
...if the contact already existed in Personal addresses (or another default contacts source)
2021-10-28 14:39:34 +02:00
Aleksander Machniak
7337e7608e
Identicon: Make background color of the image to match the current skin colors ( #8256 )
2021-10-25 12:34:22 +02:00
Aleksander Machniak
f2688ba492
Use ?? operator where applicable
2021-09-21 19:12:06 +02:00
Aleksander Machniak
7a269a2b84
Replace get_input_value() with get_input_string() where appropriate
2021-09-13 19:31:49 +02:00
Aleksander Machniak
6110b2c67a
Fix handling of headers that occur multiple times by show_additional_headers plugin ( #8157 )
2021-08-04 08:29:28 +02:00
Aleksander Machniak
9d60ee1675
Remove debug code
2021-06-02 12:46:24 +02:00
Aleksander Machniak
ed17ce58b1
Remove (incorrect) use of Return-Receipt-To header ( #8069 )
2021-05-22 09:13:42 +02:00
Aleksander Machniak
9e735cb544
Vcard_attachments: Improve handling of multiple contacts ( #7027 )
2021-05-16 11:04:35 +02:00
Aleksander Machniak
c8a4b61e53
Fix so "Always allow from..." button appears also when allow_images=3 ( #7961 )
2021-04-11 11:00:23 +02:00
Aleksander Machniak
b913d2fbde
Add IDN homograph attack (spoofing) detection [CVE-2019-15237] ( #6891 )
2021-03-21 09:25:57 +01:00
Aleksander Machniak
79b5343563
Fix handling of address groups in email headers by ignoring their names ( #7663 )
2021-02-06 16:41:50 +01:00
Aleksander Machniak
5aa0d09def
Add array_first() helper, fix some code issues
2020-12-20 09:44:17 +01:00
johndoh
9e739faac5
Return 204 rather than 404 on missing contact photo ( #7778 )
...
* return 204 rather than 404 on missing contact photo
* a little code cleanup
* don't use blank.gif as placeholder, use data: uri instead
2020-12-19 10:10:54 +01:00
Aleksander Machniak
17ae3693c3
PHP8 fixes + fix fatal error when refreshing compose page in forward-as-attachment state
2020-12-18 19:27:25 +01:00
Aleksander Machniak
8eb382b4ca
PHP8 fixes
2020-12-11 20:29:41 +01:00
Aleksander Machniak
f4ed1024dc
PHP8 fixes, CS fixes, short array syntax, tests
2020-12-02 20:15:00 +01:00
Aleksander Machniak
545a1569f1
Steps -> Actions refactoring ( #7688 )
...
* Move action handling code to rcmail class
* Add rcmail_action class
* Add action aliases
* Get rid of $OUTPUT global
* Move some methods from rcmail to rcmail_action
* PHP8 compat. fixes
* Add framework for testing actions
* Fix obvious code mistakes
2020-11-01 11:25:38 +01:00