githubFork/roundcubemail.git

Roundcubemail devel

Improve system security by using optional special URL with security token A...

Aleksander Machniak

2014-12-16 681ba6fc3c296cd6cd11050531b8f4e785141786

refs
author	Aleksander Machniak <alec@alec.pl>
	Tuesday, December 16, 2014 07:28 -0500
committer	Aleksander Machniak <alec@alec.pl>
	Tuesday, December 16, 2014 07:28 -0500
commit	681ba6fc3c296cd6cd11050531b8f4e785141786
tree	77cd99edc9536c1e85e5ee057d231aa3aa5e0aba tree \| zip \| gz
parent	53b7421d4419ce12c62d47e5b1231240cefdc3d5 view \| diff

Improve system security by using optional special URL with security token
Allows to define separate server/path for image/js/css files
Fix bugs where CSRF attacks were still possible on some requests

22 files modified

	.htaccess	2 ●●●●● diff \| view \| raw \| blame \| history
	CHANGELOG	3 ●●●●● diff \| view \| raw \| blame \| history
	config/defaults.inc.php	22 ●●●●● diff \| view \| raw \| blame \| history
	index.php	41 ●●●●● diff \| view \| raw \| blame \| history
	plugins/acl/acl.js	27 ●●●●● diff \| view \| raw \| blame \| history
	plugins/acl/acl.php	12 ●●●●● diff \| view \| raw \| blame \| history
	plugins/legacy_browser/js/iehacks.js	2 ●●●●● diff \| view \| raw \| blame \| history
	plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php	10 ●●●●● diff \| view \| raw \| blame \| history
	program/include/rcmail.php	83 ●●●●● diff \| view \| raw \| blame \| history
	program/include/rcmail_output.php	1 ●●●●● diff \| view \| raw \| blame \| history
	program/include/rcmail_output_html.php	137 ●●●●● diff \| view \| raw \| blame \| history
	program/include/rcmail_output_json.php	5 ●●●●● diff \| view \| raw \| blame \| history
	program/js/app.js	24 ●●●●● diff \| view \| raw \| blame \| history
	program/js/editor.js	5 ●●●●● diff \| view \| raw \| blame \| history
	program/lib/Roundcube/rcube.php	112 ●●●●● diff \| view \| raw \| blame \| history
	program/steps/addressbook/delete.inc	5 ●●●●● diff \| view \| raw \| blame \| history
	program/steps/addressbook/func.inc	11 ●●●●● diff \| view \| raw \| blame \| history
	program/steps/addressbook/photo.inc	10 ●●●●● diff \| view \| raw \| blame \| history
	program/steps/mail/compose.inc	2 ●●●●● diff \| view \| raw \| blame \| history
	program/steps/mail/show.inc	8 ●●●●● diff \| view \| raw \| blame \| history
	program/steps/settings/func.inc	18 ●●●●● diff \| view \| raw \| blame \| history
	program/steps/utils/error.inc	12 ●●●●● diff \| view \| raw \| blame \| history