Mirrors/roundcubemail
2
0
Fork 0
mirror of https://github.com/roundcube/roundcubemail.git synced 2026-03-03 14:54:01 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,869 Commits 72 Branches 205 Tags
dfc835eb38a08615a8d7b8d5d5700a08fe01ef7e
Commit Graph

105 Commits

Author SHA1 Message Date
Aleksander Machniak
b00d5c3836 Automatically localize data-label-* attributes of a template object 2018-01-18 11:33:11 +01:00
Aleksander Machniak
83bd85677b Remove x_frame_options env 2018-01-07 08:55:46 +01:00
Aleksander Machniak
55a1d6ef1b Make search form's aria label to also support plugin localization (via label-domain property) 2017-12-21 11:43:41 +01:00
Aleksander Machniak
38d275445d Plugin API: Add 'write' argument to 'render_page' hook 2017-12-18 12:04:42 +01:00
Aleksander Machniak
46e2e7e16c CS fix 2017-12-06 15:50:58 +01:00
Aleksander Machniak
758044d69e Add skin config options to dont_override list 
... so e.g. options in user preferences will be hidden.
 2017-11-28 16:32:01 +01:00
Aleksander Machniak
1cf72fa2b6 Allow plugins to include Less files (#6051) 2017-11-20 13:48:07 +01:00
Aleksander Machniak
ef0982f1b8 Merge branch 'master' into dev-elastic 2017-10-28 18:24:54 +02:00
JohnDoh
a8f0d35ebc Extend disabled_actions config so it accepts also button names (#5903) 2017-10-21 08:48:34 +02:00
Aleksander Machniak
d815525c6a Merge branch 'master' into dev-elastic 2017-10-20 13:34:25 +02:00
Aleksander Machniak
22b30de5d9 Fix bug where assets_path wasn't added to some watermark frames 2017-10-04 09:27:23 +02:00
Aleksander Machniak
3a77c906a1 Merge branch 'master' into dev-elastic 2017-09-10 13:28:47 +02:00
Aleksander Machniak
13d203303e Refactored Help plugin to use frames, added Elastic skin support 2017-08-02 19:13:19 +02:00
Aleksander Machniak
5d398d4d00 Add version number to the client environment 2017-07-30 10:09:50 +00:00
Aleksander Machniak
4b2f2b6b3b Use about:blank instead of blank.gif for empty iframes 2017-07-05 13:58:53 +02:00
Aleksander Machniak
86a4d78369 Merge branch 'dev-elastic' 2017-07-02 16:47:54 +02:00
Aleksander Machniak
8fff21deb5 Fix POST parameter reflection in default_charset selector (#5768) 2017-05-26 08:46:59 +02:00
Aleksander Machniak
9858c2a294 Merge branch 'master' into dev-elastic 2017-05-14 13:32:35 +02:00
Aleksander Machniak
51fb3bfa58 Support including files with path relative to templates dir 2017-04-20 16:09:56 +02:00
Aleksander Machniak
559254d6ee Use <button> instead of <input> for submit button on logon screen 2017-04-04 15:00:12 +02:00
Aleksander Machniak
51dffcda86 Skip <script> element if it has no content 2017-03-26 19:17:38 +02:00
Aleksander Machniak
f03839b24b Add support for 'link' objects in templates (with conditions) 
.. to simplify conditional <link> tags injection while nested 'if' objects do not work
 2017-03-22 12:15:39 +01:00
Aleksander Machniak
71ff264b02 Support conditional include 2017-03-20 11:47:38 +01:00
ka7
9a35768c26 spelling fixes (#5690) 2017-03-12 12:14:19 +01:00
Aleksander Machniak
38067f61da Get rid of data-popup-pos 2017-03-06 16:49:37 +01:00
Aleksander Machniak
adbab9d3e2 Merge branch 'master' into dev-elastic 2017-03-03 09:14:44 +01:00
Aleksander Machniak
e2d80479d6 Make possible to set (some) config options from a skin 2017-02-26 15:31:06 +01:00
Aleksander Machniak
f29fd706cf Get back to eval() 
We used create_function() before but it's deprecated in PHP 7.2
and really it was just a wrapper on eval().
 2017-02-06 15:13:41 +01:00
Aleksander Machniak
8131629c6e Extended unified searchform object for templates engine 2017-01-14 10:35:44 +01:00
Aleksander Machniak
cc10cbe039 Make button object to be a <button> by default 2017-01-13 11:17:05 +01:00
Aleksander Machniak
369b44d94a Fix unsetting template objects 
Fixes compatibility with some plugins e.g. kolab_addressbook which
call parse() method (for sub-templates) while parsing the main template
 2016-12-27 04:46:36 -05:00
Aleksander Machniak
e17fcf1649 Support ALLOW-FROM in x_frame_options (#5122) 2016-11-11 12:56:38 +01:00
Aleksander Machniak
d02e6ea45e Fix so templating system does not mess with external (e.g. email) content (#5499) 2016-11-07 13:39:43 +01:00
Aleksander Machniak
edea8732a6 Fix regression where UI object could be not created on some pages (#5484) 2016-10-20 15:48:42 +02:00
Aleksander Machniak
f43f5bf93f Use JSON_PRETTY_PRINT in devel_mode 
This effectively makes PHP 5.4 a real requirement
 2016-10-18 10:42:49 +02:00
Aleksander Machniak
638afafbd2 Make so rcmail.log() depends on devel_mode (#5193) 2016-10-04 17:19:45 +02:00
Victor Benincasa
daeb66ee99 Fix login form 
Fix a small bug introduced on commit 43f3c5f that breaks the login form ($attrib['form'] is checked at line 1899, so it cannot be unset).
 2016-08-26 05:31:28 -03:00
Aleksander Machniak
43f3c5fb2a Implement "one click" attachment upload (#5024) 2016-08-20 19:38:48 +02:00
Aleksander Machniak
184de7735c CS fixes (mostly phpdoc) 2016-08-18 08:50:59 +02:00
Thomas Bruederli
4a408843b0 Protect download urls against CSRF using unique request tokens (#1490642) 
Send X-Frame-Options headers with every HTTP response
 2016-03-06 14:31:07 +01:00
Aleksander Machniak
10e5192a2b Fix path traversal vulnerability in setting a skin (#1490620) 2015-12-22 12:40:36 +01:00
dsoares
234fd19505 Replace deprecated call to Q within array_map() 2015-10-26 16:13:14 +00:00
Aleksander Machniak
93e64008a6 Small code improvements 2015-08-05 09:30:51 +02:00
Aleksander Machniak
252cc4c4ac Password: Allow temporarily disabling the plugin functionality with a notice 2015-07-27 10:47:34 +02:00
Aleksander Machniak
a958748947 CS fixes 2015-06-07 15:26:33 +02:00
Thomas Bruederli
0bd99db08d Localize common error messages; improve explanation for CSRF check failures 2015-03-23 18:33:40 +01:00
Aleksander Machniak
681ba6fc3c Improve system security by using optional special URL with security token 
Allows to define separate server/path for image/js/css files
Fix bugs where CSRF attacks were still possible on some requests
 2014-12-16 13:28:48 +01:00
Thomas Bruederli
8d526c4938 Fix skin path handling in plugin context (#1488967): 
The plugin skin directories are removed again from the search path after parsing of a plugin template has finished.
 2014-11-03 16:15:44 +01:00
Aleksander Machniak
1ffab0ad4a Fix possible issues in skin/skin_path config handling (#1490125) 2014-10-30 12:34:16 +01:00
Thomas Bruederli
8ef203827f Make noshow attribute for roundcube:label tags actually work as supposed 2014-09-18 09:01:30 +02:00