Mirrors/roundcubemail
2
0
Fork 0
mirror of https://github.com/roundcube/roundcubemail.git synced 2026-03-05 07:44:01 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,771 Commits 72 Branches 205 Tags
6ccc8cc0200bf50be2d26faa9921e8570c7fc4eb
Commit Graph

74 Commits

Author SHA1 Message Date
Aleksander Machniak
3488531b26 Fix PHP Warning: Use of undefined constant INTL_IDNA_VARIANT_UTS46 on servers without php-intl extension 2017-12-06 15:52:02 +01:00
Aleksander Machniak
ca39a4e093 Fix PHP warning "idn_to_utf8(): INTL_IDNA_VARIANT_2003 is deprecated" with PHP 7.2 (#6075) 2017-12-03 10:41:41 +01:00
Aleksander Machniak
3196d656db Fix css conflicts in user interface and e-mail content (#5891) 
... by adding prefix to element/class identifiers
Also cleaned up some code and removed global variable use.
 2017-10-12 10:48:54 +02:00
Aleksander Machniak
5d16751ed8 Fix (again) bug where image data URIs in css style were treated as evil/remote in mail preview (#5580) 2017-10-01 11:58:11 +02:00
Thomas Bruederli
3723f3f178 Fix rcube_utils::random_bytes() to not throw exception for length=0 2017-09-29 15:35:12 +02:00
Aleksander Machniak
1fcf7bfab3 Fix bug where HTML messages with @media styles could moddify style of page body (#5811) 2017-06-28 08:26:05 +02:00
Aleksander Machniak
f0431c7475 Fix uninitialized string offset in rcube_utils::bin2ascii() and make sure rcube_utils::random_bytes() result has always requested length (#5788) 2017-06-27 17:16:56 +02:00
Aleksander Machniak
27a621818d Make sure rcube_utils::resolve_url() does not add port 80 to the url 
...which might have happened with reverse proxies
 2017-06-06 11:47:44 +02:00
Aleksander Machniak
8f22c3287d Fix bug where comment notation within style tag would cause the whole style to be ignored (#5747) 2017-05-05 11:51:51 +02:00
Aleksander Machniak
9ff7b78c7e Fix conflict with _gid cookie of Google Analytics (#5748) 
TODO: Review the whole code base and don't use INPUT_GPC when it's not really needed,
      in most cases we should not read $_COOKIE.
 2017-05-04 11:40:42 +02:00
Thomas Bruederli
bf21557873 Better fix for XSS in style tags (b59ff5ca) 2017-03-10 10:44:51 +01:00
Aleksander Machniak
05aae4711c Replace xss_entity_decode_callback() method with lambda function 2017-03-09 12:05:11 +01:00
Aleksander Machniak
b59ff5cafb Fix XSS issue in handling of a style tag inside of an svg element 2017-03-09 11:45:22 +01:00
Aleksander Machniak
81f67a4de2 Don't use each() deprecated in PHP 7.2 2017-02-06 15:46:18 +01:00
Aleksander Machniak
dfd19206a4 sizeof() -> count() 2017-02-06 13:49:29 +01:00
Aleksander Machniak
7340360e79 Fix bug where image data URIs in css style were treated as evil/remote in mail preview (#5580) 2017-01-07 09:59:42 +01:00
Aleksander Machniak
4e0532808d Fix bug where it wasn't possible to store more that 2MB objects in memcache/apc (#5452) 
Added memcache_max_allowed_packet and apc_max_allowed_packet settings
 2016-10-16 11:19:30 +02:00
Aleksander Machniak
195dc11855 Support host-specific imap_conn_options/smtp_conn_options/managesieve_conn_options (#5136) 2016-09-30 18:02:23 +02:00
Aleksander Machniak
dcabc1d814 Merge remote-tracking branch 'upstream/master' 
Conflicts:
	tests/Framework/Washtml.php
 2016-07-31 09:26:19 +02:00
Aleksander Machniak
c3fc072d97 Remove code related to magic_quotes_* and register_globals 
...they do not exist in PHP 5.4 which we now require.
 2016-07-29 13:34:50 +02:00
Aleksander Machniak
906cf101c3 Better time handling in rcube_utils::clean_datestr() 2016-07-29 12:40:15 +02:00
Aleksander Machniak
ec1525a1e6 Remove debug code 2016-07-29 12:26:23 +02:00
Aleksander Machniak
ed35267b9b Managesieve: Fix parsing of vacation date-time with non-default date_format (#5372) 
Added new method rcube_utils::format_datestr() to convert date_format date
into ISO date format.
 2016-07-29 05:42:18 -04:00
Aleksander Machniak
f2eafda539 Fix bug where microsecond format in logged date didn't work in some cases 2016-06-12 09:16:54 +02:00
Aleksander Machniak
d61d33a12a Fix handling of --delete argument in moduserprefs.sh script (#5296) 2016-06-01 20:15:22 +02:00
Aleksander Machniak
6737e293bb Wash position:fixed style in HTML mail for better security (#5264) 2016-05-29 17:09:41 +02:00
Aleksander Machniak
cbe701ac4a Fix rcube_utils::words_match() to work with mixed/invalid/binary content (T844) 2015-11-18 13:27:00 +01:00
Aleksander Machniak
7e3298753a Use ternary operator where aplicable 2015-11-14 10:08:07 +01:00
Aleksander Machniak
a03233ceba CS fixes 2015-10-07 09:14:18 +02:00
Aleksander Machniak
b2b9b591ce Fix handling random_bytes() errors in PHP 7.0.0RC3 2015-09-18 20:17:07 +02:00
Aleksander Machniak
e85bbc9e9c random_bytes() can throw an exception in some cases, since PHP 7.0.0rc3 2015-09-10 16:57:12 +02:00
Aleksander Machniak
26086981a2 Improve randomness of security tokens (#1490529) 2015-09-08 17:38:19 +02:00
Aleksander Machniak
f00e1f5333 CS fixes 2015-08-25 11:16:39 +02:00
Aleksander Machniak
7a42173a16 Simplify rcube_utils::check_ip() 2015-08-13 09:04:19 +02:00
Aleksander Machniak
6b31846c43 Fix IPv6 address validation on PHP with disabled IPv6 support 2015-08-12 21:11:20 +02:00
Aleksander Machniak
93e64008a6 Small code improvements 2015-08-05 09:30:51 +02:00
Aleksander Machniak
8447bae77c Require Mbstring and OpenSSL extensions (#1490415) - remove redundant code 2015-06-28 12:27:48 +02:00
Aleksander Machniak
9aae1b7fc3 Fix so microseconds macro (u) in log_date_format works (#1490446) 2015-06-26 09:20:43 +02:00
Aleksander Machniak
a958748947 CS fixes 2015-06-07 15:26:33 +02:00
Aleksander Machniak
3994b3a26c Installer: Use openssl_random_pseudo_bytes() (if available) to generate des_key (#1490402) 2015-05-23 09:42:11 +02:00
Thomas Bruederli
c32998084d Add untility function to match strings ignoring word order 2015-03-03 14:54:36 +01:00
Thomas Bruederli
e8b82c2e7b Fix rcube_utils::normalize_string() to support unicode characters + add argument for minimum token length 2014-12-28 16:22:08 +01:00
Thomas Bruederli
09c58d1add Make rcube_utils::strtotime() timezone aware (#1490163) 2014-12-28 15:41:47 +01:00
Aleksander Machniak
787a421846 Fix rcube_utils::anytodatetime() with no timezone specified 2014-11-22 11:39:19 -05:00
Aleksander Machniak
848e204ef9 Fix validation of email addresses with IDNA domains (#1490067) 2014-09-13 12:36:54 +02:00
Aleksander Machniak
29c24e647c Get rid of DIRECTORY_SEPARATOR for consistency 2014-08-28 19:24:03 +02:00
Aleksander Machniak
5f58127eae Added rcube_utils::resolve_url() 2014-08-24 11:43:12 +02:00
Aleksander Machniak
75bbada03b Remove code for PHP<5.3, use PHP_VERSION_ID instead of version_compare() for version checks 2014-08-24 11:23:33 +02:00
Thomas Bruederli
cc850263d4 Add optional timezone argument for date conversion 2014-07-31 14:29:14 +02:00
Aleksander Machniak
49dad5f669 Fix broken normalize_string(), add support for ISO-8859-2 2014-05-27 11:39:31 +02:00