From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports

---
 skins/classic/templates/compose.html |   55 +++++++++++++++++++++++++++++++++++++++----------------
 1 files changed, 39 insertions(+), 16 deletions(-)

diff --git a/skins/classic/templates/compose.html b/skins/classic/templates/compose.html
index 6ca5e2c..aef064e 100644
--- a/skins/classic/templates/compose.html
+++ b/skins/classic/templates/compose.html
@@ -10,16 +10,14 @@
 <script type="text/javascript" src="/splitter.js"></script>
 <style type="text/css">
 #compose-contacts { width: <roundcube:exp expression="!empty(cookie:composesplitterv1) ? cookie:composesplitterv1-5 : 195" />px; }
-#compose-container { left: <roundcube:exp expression="!empty(cookie:composesplitterv1) ? cookie:composesplitterv1+5 : 205" />px;
-<roundcube:exp expression="browser:ie ? ('width: expression((parseInt(this.parentNode.offsetWidth)-'.(!empty(cookie:composesplitterv1) ? cookie:composesplitterv1+5 : 200).')+\\'px\\');') : ''" />
-}
+#compose-container { left: <roundcube:exp expression="!empty(cookie:composesplitterv1) ? cookie:composesplitterv1+5 : 205" />px; }
 </style>
 </head>
 <roundcube:if condition="env:extwin" />
-<body class="extwin" onload="rcube_init_mail_ui()">
+<body class="extwin">
 <roundcube:object name="message" id="message" />
 <roundcube:else />
-<body onload="rcube_init_mail_ui()">
+<body>
 <roundcube:include file="/includes/taskbar.html" />
 <roundcube:include file="/includes/header.html" />
 <roundcube:endif />
@@ -31,27 +29,29 @@
     <roundcube:button command="list" type="link" class="button back" classAct="button back" classSel="button backSel" title="backtolist" content=" " />
 <roundcube:endif />
     <roundcube:button command="send" type="link" class="buttonPas send" classAct="button send" classSel="button sendSel" title="sendmessage" content=" " />
+    <roundcube:button name="addattachment" type="link" class="button attach" classAct="button attach" classSel="button attachSel" title="addattachment" onclick="rcmail_ui.show_popup('uploadmenu', true);return false" content=" " />
+    <roundcube:button command="insert-sig" type="link" class="buttonPas insertsig" classAct="button insertsig" classSel="button insertsigSel" title="insertsignature" content=" " />
+    <roundcube:button command="savedraft" type="link" class="buttonPas savedraft" classAct="button savedraft" classSel="button savedraftSel" title="savemessage" content=" " />
 <roundcube:if condition="config:enable_spellcheck" />
     <span class="dropbutton">
         <roundcube:button command="spellcheck" type="link" class="buttonPas spellcheck" classAct="button spellcheck" classSel="button spellcheckSel" title="checkspelling" content=" " />
         <span id="spellmenulink" onclick="rcmail_ui.show_popup('spellmenu');return false"></span>
     </span>
 <roundcube:endif />
-    <roundcube:button name="addattachment" type="link" class="button attach" classAct="button attach" classSel="button attachSel" title="addattachment" onclick="rcmail_ui.show_popup('uploadmenu', true);return false" content=" " />
-    <roundcube:button command="insert-sig" type="link" class="buttonPas insertsig" classAct="button insertsig" classSel="button insertsigSel" title="insertsignature" content=" " />
-    <roundcube:button command="savedraft" type="link" class="buttonPas savedraft" classAct="button savedraft" classSel="button savedraftSel" title="savemessage" content=" " />
+    <a href="#responses" class="button responses" label="responses" title="<roundcube:label name='insertresponse' />" id="responsesmenulink" unselectable="on" onmousedown="return false" onclick="rcmail_ui.show_popup('responsesmenu');return false">&nbsp;</a>
+    <roundcube:button command="compose-encrypted" type="link" class="buttonPas encrypt disabled" classAct="button encrypt" classSel="button encrypt" title="encryptmessagemailvelope" content=" " style="display:none" />
     <roundcube:container name="toolbar" id="compose-toolbar" />
     <roundcube:button name="messageoptions" id="composemenulink" type="link" class="button messagemenu" title="messageoptions" onclick="rcmail_ui.show_popup('composemenu', true);return false" content=" " />
 </div>
 
-<form name="form" action="./" method="post">
+<roundcube:form name="form" method="post">
 
 <div id="mainscreen">
 
 <div id="compose-contacts">
 <div class="boxtitle"><roundcube:label name="contacts" /></div>
 <div class="boxlistcontent">
-    <div id="quicksearchbar">
+    <div class="searchbox">
         <img id="searchmenulink" src="/images/icons/glass.png" width="16" height="16" />
         <roundcube:object name="searchform" id="quicksearchbox" form="true" tabindex="13" />
         <roundcube:button command="reset-search" id="searchreset" image="/images/icons/reset.gif" title="resetsearch" width="13" height="13" />
@@ -136,7 +136,7 @@
     </div>
     <div id="compose-div">
         <div id="compose-body-div">
-            <div class="boxlistcontent" style="overflow: hidden; top: 0">
+            <div id="compose-body-parent" class="boxlistcontent" style="overflow: hidden; top: 0">
                 <roundcube:object name="composeBody" id="compose-body" form="form" cols="70" rows="20" tabindex="9" />
             </div>
             <div class="boxfooter">
@@ -175,20 +175,39 @@
 
 <div id="composeoptionsmenu" class="popupmenu">
     <table>
+    <roundcube:if condition="!in_array('mdn_default', (array)config:dont_override)" />
     <tr>
         <td><label for="rcmcomposereceipt"><roundcube:label name="returnreceipt" />:</label></td>
-        <td><roundcube:object name="receiptCheckBox" form="form" id="rcmcomposereceipt" /></td>
-    </tr><tr>
+        <td><roundcube:object name="mdnCheckBox" form="form" id="rcmcomposereceipt" /></td>
+    </tr>
+    <roundcube:endif />
+    <roundcube:if condition="config:smtp_server != '' and !in_array('dsn_default', (array)config:dont_override)" />
+    <tr>
         <td><label for="rcmcomposedsn"><roundcube:label name="dsn" />:</label></td>
         <td><roundcube:object name="dsnCheckBox" form="form" id="rcmcomposedsn" /></td>
-    </tr><tr>
+    </tr>
+    <roundcube:endif />
+    <tr>
         <td><label for="rcmcomposepriority"><roundcube:label name="priority" />:</label></td>
         <td><roundcube:object name="prioritySelector" form="form" id="rcmcomposepriority" /></td>
-    </tr><roundcube:if condition="!config:no_save_sent_messages" /><tr>
+    </tr>
+    <roundcube:if condition="!config:no_save_sent_messages" />
+    <tr>
         <td><label><roundcube:label name="savesentmessagein" />:</label></td>
         <td><roundcube:object name="storetarget" maxlength="30" /></td>
-    </tr><roundcube:endif />
+    </tr>
+    <roundcube:endif />
     </table>
+</div>
+
+<div id="responsesmenu" class="popupmenu">
+    <ul id="textresponsesmenu">
+        <li><label class="comment"><roundcube:label name="insertresponse" /></label></li>
+        <roundcube:object name="responseslist" id="responseslist" tagname="ul" itemclass="active" />
+        <li><label class="comment"><roundcube:label name="manageresponses" /></label></li>
+        <roundcube:button command="save-response" type="link-menuitem" label="newresponse" classAct="active" unselectable="on" />
+        <roundcube:button command="responses" type="link-menuitem" label="editresponses" classAct="active" />
+    </ul>
 </div>
 
 <div id="spellmenu" class="popupmenu selectable"></div>
@@ -197,5 +216,9 @@
 
 <roundcube:object name="composeAttachmentForm" id="attachment-form" attachmentFieldSize="40" class="popupmenu" />
 
+<script type="text/javascript">
+rcube_init_mail_ui();
+</script>
+
 </body>
 </html>

--
Gitblit v1.9.1