From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports
---
plugins/zipdownload/zipdownload.js | 50 +++++++++++++++++++++++++++-----------------------
1 files changed, 27 insertions(+), 23 deletions(-)
diff --git a/plugins/zipdownload/zipdownload.js b/plugins/zipdownload/zipdownload.js
index 0e0249d..6f918d2 100644
--- a/plugins/zipdownload/zipdownload.js
+++ b/plugins/zipdownload/zipdownload.js
@@ -1,5 +1,18 @@
/**
* ZipDownload plugin script
+ *
+ * @licstart The following is the entire license notice for the
+ * JavaScript code in this file.
+ *
+ * Copyright (c) 2013-2014, The Roundcube Dev Team
+ *
+ * The JavaScript code in this page is free software: you can redistribute it
+ * and/or modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation, either version 3 of
+ * the License, or (at your option) any later version.
+ *
+ * @licend The above is the entire license notice
+ * for the JavaScript code in this file.
*/
window.rcmail && rcmail.addEventListener('init', function(evt) {
@@ -9,7 +22,7 @@
rcmail.register_command('download-maildir', function() { rcmail_zipdownload('maildir'); });
// commands status
- rcmail.message_list.addEventListener('select', function(list) {
+ rcmail.message_list && rcmail.message_list.addEventListener('select', function(list) {
var selected = list.get_selection().length;
rcmail.enable_command('download', selected > 0);
@@ -30,21 +43,10 @@
link.html('').append(span);
}
- span.addClass('folder-selector-link').text(rcmail.gettext('zipdownload.download'));
-
+ span.text(rcmail.get_label('zipdownload.download'));
rcmail.env.download_link = link;
});
-
- // hide menu on click out of menu element
- var fn = function(e) {
- var menu = $('#zipdownload-menu');
- if (e.target != menu.get(0))
- menu.hide();
- };
- $(document.body).on('mouseup', fn);
- $('iframe').contents().on('mouseup', fn)
- .load(function(e) { try { $(this).contents().on('mouseup', fn); } catch(e) {}; });
-});
+ });
function rcmail_zipdownload(mode)
@@ -52,7 +54,7 @@
// default .eml download of single message
if (mode == 'eml') {
var uid = rcmail.get_single_uid();
- rcmail.goto_url('viewsource', {_uid: uid, _mbox: rcmail.get_message_mailbox(uid), _save: 1});
+ rcmail.goto_url('viewsource', rcmail.params_from_uid(uid, {_save: 1}), false, true);
return;
}
@@ -65,7 +67,13 @@
post._token = rcmail.env.request_token;
$.each(post, function(k, v) {
- inputs.push($('<input>').attr({type: 'hidden', name: k, value: v}));
+ if (typeof v == 'object' && v.length > 1) {
+ for (var j=0; j < v.length; j++)
+ inputs.push($('<input>').attr({type: 'hidden', name: k+'[]', value: v[j]}));
+ }
+ else {
+ inputs.push($('<input>').attr({type: 'hidden', name: k, value: v}));
+ }
});
if (!form.length)
@@ -81,14 +89,10 @@
}
// display download options menu
-function rcmail_zipdownload_menu()
+function rcmail_zipdownload_menu(e)
{
- // fix menu style and display menu
- var z_index = rcmail.env.download_link.parents('.popupmenu').css('z-index'),
- menu = $('#zipdownload-menu').css({'max-height': 'none', 'z-index': z_index + 1}).show();
-
- // position menu on the screen
- rcmail.element_position(menu, rcmail.env.download_link);
+ // show (sub)menu for download selection
+ rcmail.command('menu-open', 'zipdownload-menu', e && e.target ? e.target : rcmail.env.download_link, e);
// abort default download action
return false;
--
Gitblit v1.9.1