Commit Graph

103 Commits

Author SHA1 Message Date
Aleksander Machniak
0a0ad2c9b7 Switch to IDNA2008 variant (#6806)
After switching IDNA_NONTRANSITIONAL_TO_ASCII on, switch to
IDNA2008 variant in Net_LDAP2. Add test, update changelog.
2019-06-16 12:03:27 +02:00
Max Bosse
f1d3f9ee44 Fix: Use IDNA_NONTRANSITIONAL_TO_UNICODE for idn_to_utf8 call 2019-06-16 10:41:25 +02:00
Max Boße
70c20740e7 Set 'IDNA_NONTRANSITIONAL_TO_ASCII' idn-option 2019-06-16 10:24:37 +02:00
Amir Caspi
6b5fa52ec1 Update rcube_utils::parse_host, fixes #6746
Updated regexps used in parse_host to ensure that %t, %d, %z do not cut off domain and return only tld when underlying host has no subdomain (i.e., is just domain.tld rather than mail.domain.tld).  Update fixes #6746, now returns nothing shorter than domain.tld.

Also removed backslash from character class, period does not need to be escaped within character class.
2019-05-19 08:32:26 +02:00
Aleksander Machniak
57c67db029 Remove year(s) from copyright headers + some cleanup 2019-04-16 10:42:45 +02:00
Aleksander Machniak
61eb78ad64 Fix so ANY record is not used for email domain validation, use A, MX, CNAME, AAAA instead (#6581) 2019-01-16 16:40:37 +01:00
Aleksander Machniak
afc68aae63 Fix temp_filename() regressions, update changelog, add note in UPGRADING 2018-11-07 16:51:25 +01:00
PhilW
e024f133fa give all temp files a constant prefix 2018-11-06 07:11:04 +00:00
Aleksander Machniak
2dcf50019c Merge branch 'master' into dev/elastic 2018-09-22 17:33:24 +02:00
Aleksander Machniak
c28242f63c Log errors caused by low pcre.backtrack_limit when sending a mail message (#6433) 2018-09-14 13:37:19 +02:00
Aleksander Machniak
796e5a17e6 Removed referer_check option (#6440) 2018-09-12 08:27:09 +02:00
Aleksander Machniak
cba1605949 Add http_only argument to rcube_utils::setcookie() 2018-07-02 15:56:07 +00:00
Aleksander Machniak
0716d499bc Fix bug where some escape sequences in html styles could bypass security checks 2018-05-05 17:12:18 +02:00
Aleksander Machniak
a889f55c31 Fix PHP Warning: Use of undefined constant IDNA_DEFAULT on systems without php-intl (#6244) 2018-04-12 09:39:33 +02:00
Aleksander Machniak
b2bebe531a Fix bug where usernames without domain part could be malformed or converted to lower-case on logon (#6224) 2018-04-10 09:24:29 +02:00
Aleksander Machniak
f36e23b778 Fix parsing date strings (e.g. from a Date: mail header) with comments (#6216) 2018-03-18 19:22:09 +01:00
Aleksander Machniak
0f3ad342f7 Fix bug where some unix timestamps were not handled correctly by rcube_utils::anytodatetime() (#6212) 2018-03-09 09:32:44 +01:00
Aleksander Machniak
a1be62b19d Remove redundant trim() 2018-02-15 08:59:59 +01:00
Aleksander Machniak
9d2b303b51 Fix bug in remote content blocking on HTML image and style tags (#6178) 2018-02-14 20:19:32 +01:00
Aleksander Machniak
b172fb505c Improve trusted_host_patterns code 2018-01-01 11:10:53 +01:00
Aleksander Machniak
4a5ca74724 Merge branch 'trusted-host-patterns' of https://github.com/dsoares/roundcubemail into dsoares-trusted-host-patterns 2018-01-01 10:26:09 +01:00
Daniel Kesselberg
a8d5547163 Update idn conversion methods (#6115)
* Add more test cases
* Update phpdoc
2017-12-31 13:22:48 +01:00
Aleksander Machniak
63a7d2313f Improve SMTPUTF8 support and fix relaxed email validation issues 2017-12-31 13:14:31 +01:00
Aleksander Machniak
5665344673 Merge branch 'smtputf8' of https://github.com/jprjr/roundcubemail into jprjr-smtputf8 2017-12-31 12:18:05 +01:00
Aleksander Machniak
3cdc8af297 Fix possible performance issue when parsing malformed and long Date header (#6087) 2017-12-12 21:22:22 +01:00
Aleksander Machniak
3488531b26 Fix PHP Warning: Use of undefined constant INTL_IDNA_VARIANT_UTS46 on servers without php-intl extension 2017-12-06 15:52:02 +01:00
Aleksander Machniak
ca39a4e093 Fix PHP warning "idn_to_utf8(): INTL_IDNA_VARIANT_2003 is deprecated" with PHP 7.2 (#6075) 2017-12-03 10:41:41 +01:00
dsoares
5282cbaff9 Check against trusted_host_patterns in rcube_utils::parse_host() 2017-11-07 14:39:57 +00:00
dsoares
50a9c8f777 Add option trusted_host_patterns 2017-10-21 12:56:47 +01:00
Aleksander Machniak
3196d656db Fix css conflicts in user interface and e-mail content (#5891)
... by adding prefix to element/class identifiers
Also cleaned up some code and removed global variable use.
2017-10-12 10:48:54 +02:00
Aleksander Machniak
5d16751ed8 Fix (again) bug where image data URIs in css style were treated as evil/remote in mail preview (#5580) 2017-10-01 11:58:11 +02:00
Thomas Bruederli
3723f3f178 Fix rcube_utils::random_bytes() to not throw exception for length=0 2017-09-29 15:35:12 +02:00
Aleksander Machniak
1fcf7bfab3 Fix bug where HTML messages with @media styles could modify style of page body (#5811) 2017-06-28 08:26:05 +02:00
Aleksander Machniak
f0431c7475 Fix uninitialized string offset in rcube_utils::bin2ascii() and make sure rcube_utils::random_bytes() result has always requested length (#5788) 2017-06-27 17:16:56 +02:00
Aleksander Machniak
27a621818d Make sure rcube_utils::resolve_url() does not add port 80 to the url
...which might have happened with reverse proxies
2017-06-06 11:47:44 +02:00
Aleksander Machniak
8f22c3287d Fix bug where comment notation within style tag would cause the whole style to be ignored (#5747) 2017-05-05 11:51:51 +02:00
Aleksander Machniak
9ff7b78c7e Fix conflict with _gid cookie of Google Analytics (#5748)
TODO: Review the whole code base and don't use INPUT_GPC when it's not really needed,
      in most cases we should not read $_COOKIE.
2017-05-04 11:40:42 +02:00
Thomas Bruederli
bf21557873 Better fix for XSS in style tags (b59ff5ca) 2017-03-10 10:44:51 +01:00
Aleksander Machniak
05aae4711c Replace xss_entity_decode_callback() method with lambda function 2017-03-09 12:05:11 +01:00
Aleksander Machniak
b59ff5cafb Fix XSS issue in handling of a style tag inside of an svg element 2017-03-09 11:45:22 +01:00
Aleksander Machniak
81f67a4de2 Don't use each() deprecated in PHP 7.2 2017-02-06 15:46:18 +01:00
Aleksander Machniak
dfd19206a4 sizeof() -> count() 2017-02-06 13:49:29 +01:00
Aleksander Machniak
7340360e79 Fix bug where image data URIs in css style were treated as evil/remote in mail preview (#5580) 2017-01-07 09:59:42 +01:00
Aleksander Machniak
4e0532808d Fix bug where it wasn't possible to store more than 2MB objects in memcache/apc (#5452)
Added memcache_max_allowed_packet and apc_max_allowed_packet settings
2016-10-16 11:19:30 +02:00
Aleksander Machniak
195dc11855 Support host-specific imap_conn_options/smtp_conn_options/managesieve_conn_options (#5136) 2016-09-30 18:02:23 +02:00
Aleksander Machniak
dcabc1d814 Merge remote-tracking branch 'upstream/master'
Conflicts:
	tests/Framework/Washtml.php
2016-07-31 09:26:19 +02:00
Aleksander Machniak
c3fc072d97 Remove code related to magic_quotes_* and register_globals
...they do not exist in PHP 5.4 which we now require.
2016-07-29 13:34:50 +02:00
Aleksander Machniak
906cf101c3 Better time handling in rcube_utils::clean_datestr() 2016-07-29 12:40:15 +02:00
Aleksander Machniak
ec1525a1e6 Remove debug code 2016-07-29 12:26:23 +02:00
Aleksander Machniak
ed35267b9b Managesieve: Fix parsing of vacation date-time with non-default date_format (#5372)
Added new method rcube_utils::format_datestr() to convert date_format date
into ISO date format.
2016-07-29 05:42:18 -04:00