Mirrors/roundcubemail
2
0
Fork 0
mirror of https://github.com/roundcube/roundcubemail.git synced 2026-03-03 06:44:03 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,916 Commits 72 Branches 205 Tags
d07b032bcd90108e3df5b9fcddc4d97ff08cbbd5
Commit Graph

365 Commits

Author SHA1 Message Date
PhilW
26f1b0770c use skinned alert boxes 2017-11-16 20:54:40 +00:00
PhilW
b897fe9349 use skined confirmation boxes where possible 2017-11-16 20:54:24 +00:00
Aleksander Machniak
2a32f51c91 Fix file disclosure vulnerability caused by insuficient input validation in relation with attachment plugins (#6026) 2017-11-08 11:03:19 +01:00
Aleksander Machniak
cfed954a46 Fix bug where Chrome could not upload the same file that was selected before (#5854) 
... and removed the cancel hack that is not needed anymore.
 2017-07-14 08:44:49 +02:00
Aleksander Machniak
86a4d78369 Merge branch 'dev-elastic' 2017-07-02 16:47:54 +02:00
Aleksander Machniak
7b4b36b16c Plugin API: Added 'show_bytes' hook (#5001) 2017-06-25 12:56:22 +02:00
Aleksander Machniak
9858c2a294 Merge branch 'master' into dev-elastic 2017-05-14 13:32:35 +02:00
Aleksander Machniak
34446e00ca Fix bug where namespace prefix could not be truncated on folders list if show_real_foldernames=true (#5695) 2017-04-01 09:46:46 +02:00
ka7
9a35768c26 spelling fixes (#5690) 2017-03-12 12:14:19 +01:00
Aleksander Machniak
adbab9d3e2 Merge branch 'master' into dev-elastic 2017-03-03 09:14:44 +01:00
Aleksander Machniak
81f67a4de2 Don't use each() deprecated in PHP 7.2 2017-02-06 15:46:18 +01:00
Aleksander Machniak
879f1dd2a0 Register some labels, add one localization label 2017-01-19 19:34:54 +01:00
Aleksander Machniak
25de39d444 Merge branch 'dev-remove-js-deps' 2016-12-30 20:27:46 +01:00
Aleksander Machniak
2733258d2b Load 'close' label for dialogs by default 2016-12-11 16:23:31 +01:00
Aleksander Machniak
5e1da48d0c Remove external javascript code from the git repo, add jsdeps.sh script (#5535) 2016-12-03 18:26:15 +01:00
Aleksander Machniak
ecfe177173 CS fixes, use $this instead of local variable 2016-10-29 11:17:00 +02:00
Aleksander Machniak
e3b61cd487 Plugin API: Added get_compose_responses hook (#5457) 2016-10-29 10:59:39 +02:00
Aleksander Machniak
571a10751f Display error when trying to upload more files than specified in max_file_uploads (#5483) 2016-10-20 11:29:50 +02:00
Aleksander Machniak
4e0532808d Fix bug where it wasn't possible to store more that 2MB objects in memcache/apc (#5452) 
Added memcache_max_allowed_packet and apc_max_allowed_packet settings
 2016-10-16 11:19:30 +02:00
Aleksander Machniak
650ac8befb Fix displaying size of attachments with zero size 2016-09-10 09:58:23 +02:00
Aleksander Machniak
32e5a6bbcf Fix bug where folder creation could fail if personal namespace contained more than one entry (#5403) 
+ small code improvements
 2016-08-26 09:25:24 +02:00
Aleksander Machniak
873e0353cf Use smart-upload-button for messages and contact photos upload 
Unified interface with rcmail::upload_form().
 2016-08-24 12:54:30 +02:00
Aleksander Machniak
184de7735c CS fixes (mostly phpdoc) 2016-08-18 08:50:59 +02:00
Aleksander Machniak
ebc2f5dc7d Add possibility to rename attachments in mail compose (#4996) 
... and fix some small issues related to the new compose attachment menu feature
 2016-07-30 09:05:49 +02:00
Aleksander Machniak
8a13615e9e Add possibility to preview and download attachments in mail compose (#5053) 2016-07-28 19:08:19 +02:00
Aleksander Machniak
4361a95820 Fix missing localization of HTML editor when assets_dir != INSTALL_PATH 2016-07-19 12:05:41 +02:00
Aleksander Machniak
a0f38f5fd8 Small code style improvements 2016-04-12 13:46:30 +02:00
Aleksander Machniak
4e6f3019f5 Enigma: Handle encrypted/signed content inside message/rfc822 attachments 2016-03-25 13:25:44 +01:00
Thomas Bruederli
4a408843b0 Protect download urls against CSRF using unique request tokens (#1490642) 
Send X-Frame-Options headers with every HTTP response
 2016-03-06 14:31:07 +01:00
Aleksander Machniak
a15d877ba8 Added brute-force attack prevention via login rate limit (#1490566) 2015-11-11 18:53:43 +01:00
Aleksander Machniak
454b0b1ca9 Remove deprecated rcmail and rcube_imap methods 2015-11-05 09:17:28 +01:00
Aleksander Machniak
2aa9ee56fd Fix so disabling emoticons plugin really removes emoticons button from HTML editor 2015-10-27 17:18:23 +01:00
Aleksander Machniak
a5c03db798 Security: Added options to validate username/password on logon (#1490500) 2015-10-18 09:37:46 +02:00
Aleksander Machniak
c1bbf0d0b6 After failed login wait a second to slow down brute-force attacks (#1490549) 2015-10-17 13:37:11 +02:00
Aleksander Machniak
26086981a2 Improve randomness of security tokens (#1490529) 2015-09-08 17:38:19 +02:00
Aleksander Machniak
e2f605d44d Fallback to C locale 2015-09-04 10:13:25 +02:00
Aleksander Machniak
3c29c7e858 Fix various issues with Turkish (and similar) locales (#1490519) 2015-09-04 10:09:47 +02:00
Aleksander Machniak
c4daf3f14f Fix regression in converting signatures to text, fixed PHP warning in html2text() call 2015-08-30 18:41:13 +02:00
Aleksander Machniak
a63f14ec40 Emoticons-related code refactoring 
- Emoticons: All emoticons-related functionality is handled by the plugin now
- Emoticons: Added option to switch on/off emoticons in compose editor (#1485732)
- Emoticons: Added option to switch on/off emoticons in plain text messages
- Plugin API: Added disabled_plugins an disabled_buttons options in html_editor hook
- Plugin API: Added html2text hook
 2015-08-29 07:52:57 +02:00
Aleksander Machniak
1b39d9a6c7 PHP7: Fixed some E_WARNING errors that previously were E_STRICT 2015-08-08 09:32:24 +02:00
Aleksander Machniak
08bb20f261 Don't use deprecated functions/constants (from bc.inc) 2015-08-02 20:16:46 +02:00
Aleksander Machniak
9d78c68cbf Fix so imap folder attribute comparisons are case-insensitive (#1490466) 
+ make in_array_nocase() much faster for ASCII strings
 2015-07-29 20:38:21 +02:00
Aleksander Machniak
a958748947 CS fixes 2015-06-07 15:26:33 +02:00
Aleksander Machniak
b782815dac Fix XSS vulnerability in _mbox argument handling (#1490417) 2015-05-30 17:37:06 +02:00
Aleksander Machniak
03aa84f784 Fix bug where some files could have "executable" extension when stored in temp folder (#1490377) 2015-05-17 14:52:24 +02:00
Aleksander Machniak
216b31dd99 Fix so "over quota" errors are displayed also in message compose page 
This also fixes over quota responses on cyrus imap which uses "Over quota" string and no error identifier.
 2015-02-25 05:24:05 -05:00
Aleksander Machniak
3665d1e8ec Merge pull request #259 from corbosman/plugin_preload 
Plugin preload
 2015-02-19 08:31:43 +01:00
corbosman
de89d46be2 Load plugins before sessions have started 
Move the plugin loading phase to before sessions have started allowing plugins to add session drivers.  Plugins that want to use this should define an "onload" method in their plugins. This method does not have access to variables like $task as they are not yet initialised at that time.
 2015-02-04 13:17:51 +01:00
Aleksander Machniak
c6efcf5e6d Fix blocked.gif image usage with assets_dir set 2015-01-12 05:44:28 -05:00
Aleksander Machniak
7259529fad Get rid of requests whitelist for security check bypass 2014-12-16 13:34:48 +01:00