From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports

---
 program/lib/Roundcube/rcube_browser.php |   29 ++++++++++++++++++-----------
 1 files changed, 18 insertions(+), 11 deletions(-)

diff --git a/program/lib/Roundcube/rcube_browser.php b/program/lib/Roundcube/rcube_browser.php
index e53e312..6b1448f 100644
--- a/program/lib/Roundcube/rcube_browser.php
+++ b/program/lib/Roundcube/rcube_browser.php
@@ -1,9 +1,9 @@
 <?php
 
-/*
+/**
  +-----------------------------------------------------------------------+
  | This file is part of the Roundcube Webmail client                     |
- | Copyright (C) 2007-2009, The Roundcube Dev Team                       |
+ | Copyright (C) 2007-2015, The Roundcube Dev Team                       |
  |                                                                       |
  | Licensed under the GNU General Public License version 3 or            |
  | any later version with exceptions for skins & plugins.                |
@@ -34,29 +34,36 @@
         $this->linux = strpos($HTTP_USER_AGENT, 'linux') != false;
         $this->unix  = strpos($HTTP_USER_AGENT, 'unix') != false;
 
-        $this->opera  = strpos($HTTP_USER_AGENT, 'opera') !== false;
+        $this->webkit = strpos($HTTP_USER_AGENT, 'applewebkit') !== false;
+        $this->opera  = strpos($HTTP_USER_AGENT, 'opera') !== false || ($this->webkit && strpos($HTTP_USER_AGENT, 'opr/') !== false);
         $this->ns     = strpos($HTTP_USER_AGENT, 'netscape') !== false;
-        $this->chrome = strpos($HTTP_USER_AGENT, 'chrome') !== false;
+        $this->chrome = !$this->opera && strpos($HTTP_USER_AGENT, 'chrome') !== false;
         $this->ie     = !$this->opera && (strpos($HTTP_USER_AGENT, 'compatible; msie') !== false || strpos($HTTP_USER_AGENT, 'trident/') !== false);
-        $this->safari = !$this->chrome && (strpos($HTTP_USER_AGENT, 'safari') !== false || strpos($HTTP_USER_AGENT, 'applewebkit') !== false);
-        $this->mz     = !$this->ie && !$this->safari && !$this->chrome && !$this->ns && strpos($HTTP_USER_AGENT, 'mozilla') !== false;
+        $this->safari = !$this->opera && !$this->chrome && ($this->webkit || strpos($HTTP_USER_AGENT, 'safari') !== false);
+        $this->mz     = !$this->ie && !$this->safari && !$this->chrome && !$this->ns && !$this->opera && strpos($HTTP_USER_AGENT, 'mozilla') !== false;
 
-        if (preg_match('/(chrome|msie|opera|version|khtml)(\s*|\/)([0-9.]+)/', $HTTP_USER_AGENT, $regs)) {
+        if ($this->opera) {
+            if (preg_match('/(opera|opr)\/([0-9.]+)/', $HTTP_USER_AGENT, $regs)) {
+                $this->ver = (float) $regs[2];
+            }
+        }
+        else if (preg_match('/(chrome|msie|version|khtml)(\s*|\/)([0-9.]+)/', $HTTP_USER_AGENT, $regs)) {
             $this->ver = (float) $regs[3];
         }
         else if (preg_match('/rv:([0-9.]+)/', $HTTP_USER_AGENT, $regs)) {
             $this->ver = (float) $regs[1];
         }
 
-        if (preg_match('/ ([a-z]{2})-([a-z]{2})/', $HTTP_USER_AGENT, $regs))
+        if (preg_match('/ ([a-z]{2})-([a-z]{2})/', $HTTP_USER_AGENT, $regs)) {
             $this->lang =  $regs[1];
-        else
+        }
+        else {
             $this->lang =  'en';
+        }
 
         $this->dom      = $this->mz || $this->safari || ($this->ie && $this->ver>=5) || ($this->opera && $this->ver>=7);
         $this->pngalpha = $this->mz || $this->safari || ($this->ie && $this->ver>=5.5) ||
-            ($this->ie && $this->ver>=5 && $this->mac) || ($this->opera && $this->ver>=7) ? true : false;
+            ($this->ie && $this->ver>=5 && $this->mac) || ($this->opera && $this->ver>=7);
         $this->imgdata  = !$this->ie;
     }
 }
-

--
Gitblit v1.9.1