From d0b981757ab416dfd182e6b91e7f9a66132116f9 Mon Sep 17 00:00:00 2001
From: vbenincasa <vbenincasa@gmail.com>
Date: Wed, 09 Jun 2010 15:08:15 -0400
Subject: [PATCH]  - Sanitize CSS universal selector from e-mails. Without this fix any message can play with the CSS from entire mail window or mail preview frame. Test case:  <style type="text/css">*{ background: #000; }</style>

---
 UPGRADING |   86 +++++++++++-------------------------------
 1 files changed, 23 insertions(+), 63 deletions(-)

diff --git a/UPGRADING b/UPGRADING
index 85666dc..329983d 100644
--- a/UPGRADING
+++ b/UPGRADING
@@ -1,67 +1,27 @@
-UPDATE instructions
-===================
+UPGRADING instructions
+======================
 
 Follow these instructions if upgrading from a previous version
-of RoundCube Webmail.
+of Roundcube Webmail. We recommend to carefully backup the existing
+installation as well as the database before executig the following steps.
+
+1. Replace index.php and all files in
+   - ./bin/
+   - ./SQL/
+   - ./program/
+   - ./installer/
+   - ./skins/default/
+   - ./plugins/
+2. Run ./bin/update.sh from the commandline OR
+   open http://url-to-roundcube/installer/ in a browser and choose "3 Test config".
+   To enable the latter one, you have to temporary set 'enable_installer' to true
+   in your local config/main.inc.php file.
+3. Let the update script/installer check your configuration and
+   update your config files as suggested by the updater.
+4. If suggested by the update script, run all commands in
+   ./SQL/[yourdbtype].update.sql that are superscribed with the
+   currently installed version number.
+5. Make sure 'enable_installer' is set to false again.
+6. Check .htaccess settings (some php settings could become required)
 
 
-
-from versions 0.1-alpha and 0.1-20050811
-----------------------------------------
-- replace index.php
-- replace all files in folder /program/
-- replace all files in folder /skins/default/
-- rund SQL queries in order to update the database
-- add these line to /config/main.inc.php
-  $rcmail_config['trash_mbox'] = 'Trash';
-  $rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Junk', 'Trash');
-  $rcmail_config['prefer_html'] = TRUE;
-  $rcmail_config['prettydate'] = TRUE;
-  $rcmail_config['smtp_port'] = 25;
-  $rcmail_config['default_port'] = 143;
-  $rcmail_config['session_lifetime'] = 20;
-  $rcmail_config['message_sort_col'] = 'date';
-  $rcmail_config['message_sort_order'] = 'DESC';
-- replace database properties (db_type, db_host, db_user, db_pass, $d_name)
-  in /config/db.inc.php with the following line:
-  $rcmail_config['db_dsnw'] = 'mysql://roundcube:pass@localhost/roundcubemail';
-
-
-from version 0.1-20050820
-----------------------------------------
-- replace index.php
-- replace all files in folder /program/
-- replace all files in folder /skins/default/
-- rund SQL queries in order to update the database
-- add these line to /config/main.inc.php
-  $rcmail_config['prettydate'] = TRUE;
-  $rcmail_config['smtp_port'] = 25;
-  $rcmail_config['default_port'] = 143;
-  $rcmail_config['session_lifetime'] = 20;
-  $rcmail_config['message_sort_col'] = 'date';
-  $rcmail_config['message_sort_order'] = 'DESC';  
-- replace database properties (db_type, db_host, db_user, db_pass, $d_name)
-  in /config/db.inc.php with the following line:
-  $rcmail_config['db_dsnw'] = 'mysql://roundcube:pass@localhost/roundcubemail';
-
-
-from version 0.1-20051007
-----------------------------------------
-- replace index.php
-- replace all files in folder /program/
-- replace all files in folder /skins/default/
-- add these lines to /config/main.inc.php
-  $rcmail_config['smtp_auth_type'] = '';  // if you need to specify an auth method for SMTP
-  $rcmail_config['session_lifetime'] = 20;  // to specify the session lifetime in minutes
-  $rcmail_config['message_sort_col'] = 'date';
-  $rcmail_config['message_sort_order'] = 'DESC';
-
-
-from version 0.1-20051021
-----------------------------------------
-- replace index.php
-- replace all files in folder /program/
-- replace all files in folder /skins/default/
-- add these lines to /config/main.inc.php
-  $rcmail_config['message_sort_col'] = 'date';
-  $rcmail_config['message_sort_order'] = 'DESC';

--
Gitblit v1.9.1