From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 Oct 2013 08:17:26 -0400
Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)

---
 skins/larry/templates/compose.html |    7 +++++++
 1 files changed, 7 insertions(+), 0 deletions(-)

diff --git a/skins/larry/templates/compose.html b/skins/larry/templates/compose.html
index de3b5bf..9cfe7fe 100644
--- a/skins/larry/templates/compose.html
+++ b/skins/larry/templates/compose.html
@@ -39,6 +39,13 @@
 <!-- inline address book -->
 <div id="compose-contacts" class="uibox listbox">
 <h2 class="boxtitle"><roundcube:label name="contacts" /></h2>
+	<div id="composequicksearch">
+		<div class="searchbox">
+			<roundcube:object name="searchform" id="contactsearchbox" />
+			<a id="searchmenulink" class="iconbutton searchoptions"> </a>
+			<roundcube:button command="reset-search" id="searchreset" class="iconbutton reset" title="resetsearch" content=" " />
+		</div>
+	</div>
 	<roundcube:object name="addressbooks" id="directorylist" class="listing" />
 	<div class="scroller withfooter">
 		<roundcube:object name="addresslist" id="contacts-table" class="listing" noheader="true" />

--
Gitblit v1.9.1