Mirrors/roundcubemail
2
0
Fork 0
mirror of https://github.com/roundcube/roundcubemail.git synced 2026-03-14 12:06:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
12,905 Commits 72 Branches 205 Tags
63cd89dd5c62dbfbfed1e38e292aba4fa7c2cf5c
Commit Graph

139 Commits

Author SHA1 Message Date
Aleksander Machniak
c55adbaac9 PHP 8.5 compat. fix 2025-07-13 13:18:34 +02:00
Pablo Zmdl
0376f69e95 Validate URL parameter in upload code (#9866) 2025-06-01 09:18:54 +02:00
Philip Weir
cd42de335a Update links in comments and config to https where available (#9759) 2025-01-26 13:48:14 +01:00
Aleksander Machniak
df02322d6a Fix Oauth issues with use_secure_urls=true (#9722) 2024-12-03 12:36:18 +01:00
Aleksander Machniak
602a989697 Fix PHP warning (#9611) 2024-09-07 08:56:26 +02:00
Aleksander Machniak
83f56f1758 OAuth: Support standard authentication with short-living password received with OIDC token (#9530) 2024-09-02 13:42:53 +02:00
Aleksander Machniak
89c8fe9ae9 - Fix XSS vulnerability in serving of attachments other than HTML or SVG [CVE-2024-42008] 
Credits to Oskar Zeino-Mahmalat (Sonar) https://www.sonarsource.com
 2024-08-04 10:29:10 +02:00
Aleksander Machniak
68af7c864a Fix XSS vulnerability in post-processing of sanitized HTML content [CVE-2024-42009] 
Credits to Oskar Zeino-Mahmalat (https://www.sonarsource.com)
 2024-08-04 10:29:02 +02:00
Aleksander Machniak
8eb583b499 Fix bug where "with attachment" filter could fail on some fts engines (#9514) 2024-07-21 13:57:40 +02:00
Aleksander Machniak
71804a8c53 Fix bug where some messages could get malformed in an import from a MBOX file (#9510) 2024-07-17 20:49:15 +02:00
Aleksander Machniak
cde4522c5c Fix cross-site scripting (XSS) vulnerability in handling list columns from user preferences 
Reported by Huy Nguyễn Phạm Nhật.
 2024-05-19 10:17:55 +02:00
Aleksander Machniak
3d04da2aab Fix PHP8 warnings (#9365) 2024-02-25 10:33:13 +01:00
Michael Voříšek
793664f568 Fix invalid phpdocs (#9252) 
* fix missing return type in phpdoc
* fix "phpdoc_scalar"
* Fix phpdoc variable names typos
* fix wrong phpdoc tags
 2023-12-13 19:55:05 +01:00
Aleksander Machniak
12a321bd7a Fix PHP8 warning (#9238) 2023-12-04 20:56:39 +01:00
Aleksander Machniak
3f33433a31 Fix PHP8 warning (#9235) 
And added tests for utils/modcss action
 2023-12-03 10:54:17 +01:00
Aleksander Machniak
81ac3c342a Fix cross-site scripting (XSS) vulnerability in setting Content-Type/Content-Disposition for attachment preview/download 
Thanks to rehme.infosec for reporting the issues.
 2023-11-04 17:52:34 +01:00
Aleksander Machniak
93989c0d87 Fix PHP string replacement error in utils/error.php (#9185) 2023-10-29 12:50:54 +01:00
Aleksander Machniak
5f80470858 Fix "Show source" on mobile with x_frame_options = deny (#9084) 2023-08-20 08:35:06 +02:00
Aleksander Machniak
33ff28080c Fix PHP8 warnings 2023-08-20 08:34:59 +02:00
Aleksander Machniak
54ef0fd0ca FIx PHP8 warning (#9071) 2023-07-23 16:30:21 +02:00
Aleksander Machniak
3ef3ea7cd8 Remove redundant comma 2023-06-08 20:43:07 +02:00
Aleksander Machniak
b69b75b6ef Remove redundant if() condition 2023-06-08 20:05:28 +02:00
Aleksander Machniak
31b1f4aea9 Fix bug where subfolders could loose subscription on parent folder rename (#8892) 2023-05-10 21:08:26 +02:00
Aleksander Machniak
93d263f927 Fix PHP8 warnings when using list_flags and list_cols properties by plugins (#8998) 2023-05-07 09:23:22 +02:00
Aleksander Machniak
3b67c1163f Fix QR code images for contacts with non-ASCII characters (#9001) 2023-05-04 07:35:30 +02:00
Aleksander Machniak
35d05168c8 Fix PHP warnings 2023-04-10 13:15:13 +02:00
Camilo Sperberg
1ba2377de4 Fix most common warnings RoundCube 1.6.1 (#8901) 2023-03-04 11:50:43 +01:00
Aleksander Machniak
772d7762a0 Fix duplicate recipients in "To" and "Cc" on reply (#8912) 2023-02-26 20:54:36 +01:00
Aleksander Machniak
087f5e7762 Fix missing mail composing textarea on reply/draft with a long plain text content (#8866) 2023-01-18 08:27:33 +01:00
anton-labunsky
e23641734b Fix SIGBUS raised in ImageMagick (#8511) 
Use unique filename for temporary file, when image thumbnail is rendered.
 2023-01-01 13:01:44 +01:00
Aleksander Machniak
590ac0783e Fix bug where "Invalid skin name" error was logged on preferences save if there's only one skin (#8825) 2022-12-31 15:30:46 +01:00
Aleksander Machniak
b2c94ae085 Fix bug array values could not be saved in utils/save_pref action (#8781) 2022-11-15 19:16:56 +01:00
Camilo Sperberg
d2a6c44380 Address most common warnings in PHP >= 8.0.0 (#8769) 2022-11-11 13:16:06 +01:00
Aleksander Machniak
3e8a9f3350 Fix undefined array key warning 2022-09-29 20:30:09 +02:00
Aleksander Machniak
dc901fa777 Fix regression where clicking on attachment would open and download the file 2022-08-28 13:32:16 +02:00
Aleksander Machniak
e167e4dac3 Fix bug where setting 'Clear Trash on Logout' to 'all messages' didn't work (#8687) 2022-08-23 19:48:37 +02:00
Aleksander Machniak
2009415d68 Fix duplicate Reply-To header in mail preview 
If there's Mail-Reply-To and Reply-To with the same value.
Also cleanup some code.
 2022-08-15 09:40:56 +02:00
Aleksander Machniak
0ff805598a Fix PHP8 warning (#8647) 2022-08-09 19:11:33 +02:00
Aleksander Machniak
8af9cf93b6 Fix various PHP 8.2 warnings 2022-08-06 09:22:32 +02:00
Aleksander Machniak
f6d765422d Disable email address spoofchecking on messages list 
.. do it only when opening the message, that's when we can display the warning.
 2022-07-09 19:08:32 +02:00
Aleksander Machniak
02c4d078c4 Fix various PHP 8.1 warnings (#8584) 2022-06-25 08:33:40 +02:00
Aleksander Machniak
720ba6f7a0 Update copyright year in the about dialog 
[skip ci]
 2022-05-07 15:28:14 +02:00
Aleksander Machniak
fa65a68389 Use ... oprator instead of func_get_args() for variadic functions 2022-04-27 19:21:00 +02:00
Aleksander Machniak
7fdea0089d Fix bug where DSN flag state wasn't stored with a draft (#8371) 2022-04-10 11:32:40 +02:00
Aleksander Machniak
a2aa107f1a Don't list images attached to multipart/related part as attachments (#7184) 2022-04-10 10:11:56 +02:00
Aleksander Machniak
5626e26c58 Fix slow loading of long HTML content into the HTML editor (#8108) 2022-04-03 12:30:16 +02:00
Aleksander Machniak
f429b26810 Fix various PHP8 warnings (#8392) 2022-01-11 19:04:24 +01:00
Aleksander Machniak
a5fd211712 Improve/Fix wrapping of plain text messages on preview and reply (#6974, #8391, #8378, #8289) 
In short, we always wrap, but we detect patches/diffs in the text and make them unwrappable.
 2022-01-09 16:29:09 +01:00
Aleksander Machniak
8419e55fe4 Fix some more PHP8 warnings (#8363) 2021-12-17 19:06:02 +01:00
Aleksander Machniak
c331431521 Fix some PHP8 compatibility issues (#8363) 2021-12-17 18:54:37 +01:00