3fd363672c
bump version
3 years ago
f429b26810
Fix various PHP8 warnings ( #8392 )
4 years ago
eec0d2b578
Display a generic error page on initial DB/configuration errors ( #8222 )
4 years ago
6f435ecb52
Fix fatal error/warning on invalid input to user parameter ( #8152 )
Added a new utility method: rcube_utils::get_input_string()
4 years ago
b4fd75d6c1
Master is 1.6-git now
4 years ago
0d676625d8
Fix PHP8 warning
4 years ago
5ec509f87e
FIX PHP8 fatal error and some warnings ( #7931 )
4 years ago
b3677c3e0b
Fix oauth action run
5 years ago
cfd4fa170f
Fix a few PHP notices ( #7791 )
5 years ago
dcfd12e98a
CS fixes, potential PHP8 warning ( #7781 )
5 years ago
545a1569f1
Steps -> Actions refactoring ( #7688 )
* Move action handling code to rcmail class
* Add rcmail_action class
* Add action aliases
* Get rid of $OUTPUT global
* Move some methods from rcmail to rcmail_action
* PHP8 compat. fixes
* Add framework for testing actions
* Fix obvious code mistakes
5 years ago
f95212d626
PHP8: More warnings fixed
5 years ago
c9beef0bc2
Check if OAuth is enabled before including `oauth.inc` step file
5 years ago
1e6a2f4f49
Basic support for OAuth2 user login and IMAP/SMTP authentication
- Add "Login with XXX" button to login screen if oauth is configured
- Perform OAuth login procedure and get an access token
- Implement XOAUTH2 authentication type for IAMP and SMTP
Requires a patched and not yet released version of Net_SMTP.
6 years ago
8344f07d7f
Fix CSRF bypass that could be used to log out an authenticated user ( #7302 )
5 years ago
ee1f01a0df
Fix so 401 error is returned only on failed logon requests ( #7010 )
6 years ago
508e83470c
Master is 1.5-git now
6 years ago
b8555ce4f3
Fix so 401 error is returned only on failed logon requests ( #7010 )
6 years ago
9f1d185c44
Master is 1.5-git now
6 years ago
f1a83f923d
Added cookie mismatch detection, display an error message informing the user to clear cookies
6 years ago
57c67db029
Remove year(s) from copyright headers + some cleanup
6 years ago
11216a1925
Changed 'password_charset' default to 'UTF-8' ( #6522 )
7 years ago
186f21c4c1
Avoid Referer leaking by using Referrer-Policy:same-origin header ( #6385 )
Added 'common_headers' hook
7 years ago
f1ee6d7906
Plugin API: Add possibility to specify HTTP return code via 'unauthenticated' hook
7 years ago
e4ccc2bb48
Update copyright year in few places
7 years ago
fb2f213d6f
Add id attribute to the installer warning
8 years ago
2cb9de358b
Return "401 Unauthorized" status when login fails ( #5663 )
8 years ago
e51fa197bb
Remove unused variable
8 years ago
5101cfc67a
Bump version to 1.4-git
8 years ago
f78e2a4367
Add 1.3-beta milestone + update copyright year
9 years ago
ad9a55f8cb
Support hostname and hostname:port in force_https option ( #5511 )
9 years ago
24b4ca52cf
Fix so "Action disabled" error uses more appropriate 404 code ( #5440 )
9 years ago
b77efcd104
Fix typo
9 years ago
85082c88c7
CS fixes
9 years ago
9634169647
Bump version number to 1.3-beta
9 years ago
a15d877ba8
Added brute-force attack prevention via login rate limit ( #1490566 )
10 years ago
1b39d9a6c7
PHP7: Fixed some E_WARNING errors that previously were E_STRICT
10 years ago
36bd93f138
PHP7: Fixed some E_WARNING errors that previously were E_STRICT
10 years ago
4b72a1f498
Fix error when using back button after sending an email ( #1490009 )
10 years ago
a958748947
CS fixes
10 years ago
3779b67a9c
Set version number to 1.2-git
11 years ago
2f8b1036da
Bump version and copyright year
11 years ago
681ba6fc3c
Improve system security by using optional special URL with security token
Allows to define separate server/path for image/js/css files
Fix bugs where CSRF attacks were still possible on some requests
11 years ago
c45507e317
Fix login error message display broken in b51de327
11 years ago
b51de3279f
Display custom error messages from plugins hooks (as documented in the API spec)
11 years ago
a873d934f5
Give precedence to plugin.* actions over custom tasks registered by plugins
11 years ago
d01f9fc7f5
Add option (disabled_actions) to disable UI elements/actions ( #1489638 )
11 years ago
7e7e451b66
Warn for unsent/unsaved message when closing compose window; remove localStorage copy if page was left intentionally but not on session errors ( #1489818 )
11 years ago
d19a9b35cc
Remove obsolete code that disables session check on 'send' action
11 years ago
ba5c53e5c3
Send X-UA-Compatible as HTTP header instead of meta tag
11 years ago
Aleksander Machniak