- Fix XSS vulnerability in UI messages (#1488030)
| | |
| | | CHANGELOG Roundcube Webmail |
| | | =========================== |
| | | |
| | | - Fix XSS vulnerability in UI messages (#1488030) |
| | | - Fix handling of email addresses with quoted local part (#1487939) |
| | | - Fix EOL character in vCard exports (#1487873) |
| | | - Added optional "multithreading" autocomplete feature |
| | |
| | | public function show_message($message, $type='notice', $vars=null, $override=true, $timeout=0) |
| | | { |
| | | if ($override || !$this->message) { |
| | | if (rcube_label_exists($message)) { |
| | | if (!empty($vars)) |
| | | $vars = array_map('Q', $vars); |
| | | $msgtext = rcube_label(array('name' => $message, 'vars' => $vars)); |
| | | } |
| | | else |
| | | $msgtext = $message; |
| | | |
| | | $this->message = $message; |
| | | $msgtext = rcube_label_exists($message) ? rcube_label(array('name' => $message, 'vars' => $vars)) : $message; |
| | | $this->command('display_message', $msgtext, $type, $timeout * 1000); |
| | | } |
| | | } |
| | |
| | | public function show_message($message, $type='notice', $vars=null, $override=true, $timeout=0) |
| | | { |
| | | if ($override || !$this->message) { |
| | | if (rcube_label_exists($message)) { |
| | | if (!empty($vars)) |
| | | $vars = array_map('Q', $vars); |
| | | $msgtext = rcube_label(array('name' => $message, 'vars' => $vars)); |
| | | } |
| | | else |
| | | $msgtext = $message; |
| | | |
| | | $this->message = $message; |
| | | $msgtext = rcube_label_exists($message) ? rcube_label(array('name' => $message, 'vars' => $vars)) : $message; |
| | | $this->command('display_message', $msgtext, $type, $timeout * 1000); |
| | | } |
| | | } |