Allow help plugin to append a link to the error page for more information a...

Thomas Bruederli

2015-03-23 b9ac6ec263630abd3ac025fc000a52250e44c658

Allow help plugin to append a link to the error page for more information about CSRF protection

 plugins/help/config.inc.php.dist

@@ -33,3 +33,5 @@
// Determine whether to open the help in a new window
$config['help_open_extwin'] = false;

// URL to additional information about CSRF protection
$config['help_csrf_info'] = null;

 plugins/help/help.php

@@ -34,6 +34,7 @@
        $this->register_action('license', array($this, 'action'));

        $this->add_hook('startup', array($this, 'startup'));
        $this->add_hook('error_page', array($this, 'error_page'));
    }

    function startup($args)
@@ -140,6 +141,16 @@
        return $rcmail->output->frame($attrib);
    }

    function error_page($args)
    {
        $rcmail = rcmail::get_instance();

        if ($args['code'] == 403 && $rcmail->request_status == rcube::REQUEST_ERROR_URL && ($url = $rcmail->config->get('help_csrf_info'))) {
            $args['text'] .= '<p>' . html::a(array('href' => $url, 'target' => '_blank'), $this->gettext('csrfinfo')) . '</p>';
        }

        return $args;
    }

    private function resolve_language($path)
    {

 plugins/help/localization/en_US.inc

@@ -20,5 +20,6 @@
$labels['help'] = 'Help';
$labels['about'] = 'About';
$labels['license'] = 'License';
$labels['csrfinfo'] = 'Read more about CSRF and how we protect you';

?>