Roundcubemail devel
parent: d4df37 | patch | commitdiff
Thomas Bruederli
2016-01-16 4a408843b0ef816daf70a472a02b78cd6073a4d5
refs
author Thomas Bruederli <thomas@roundcube.net>
Saturday, January 16, 2016 11:48 -0500
committer Aleksander Machniak <alec@alec.pl>
Sunday, March 6, 2016 08:31 -0500
commit4a408843b0ef816daf70a472a02b78cd6073a4d5
tree cacb8d3c24c016948b4f22b15e0f9d0402db81d5 tree | zip | gz
parent d4df3748cfaacadf52b19eb37b2a476df80525a9 view | diff 
Protect download urls against CSRF using unique request tokens (#1490642)
Send X-Frame-Options headers with every HTTP response
14 files modified
66 ■■■■ changed files
plugins/enigma/enigma.js 2 ●●● diff | view | raw | blame | history
plugins/enigma/lib/enigma_ui.php 2 ●●●●● diff | view | raw | blame | history
plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php 2 ●●●●● diff | view | raw | blame | history
plugins/managesieve/managesieve.js 2 ●●● diff | view | raw | blame | history
plugins/zipdownload/zipdownload.js 2 ●●● diff | view | raw | blame | history
plugins/zipdownload/zipdownload.php 6 ●●●● diff | view | raw | blame | history
program/include/rcmail.php 2 ●●●●● diff | view | raw | blame | history
program/include/rcmail_output_html.php 6 ●●●● diff | view | raw | blame | history
program/js/app.js 24 ●●●●● diff | view | raw | blame | history
program/lib/Roundcube/rcube_message.php 3 ●●●● diff | view | raw | blame | history
program/lib/Roundcube/rcube_output.php 5 ●●●●● diff | view | raw | blame | history
program/steps/addressbook/export.inc 2 ●●●●● diff | view | raw | blame | history
program/steps/mail/get.inc 4 ●●●● diff | view | raw | blame | history
program/steps/mail/viewsource.inc 4 ●●●● diff | view | raw | blame | history