From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 Oct 2013 08:17:26 -0400
Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)

---
 skins/larry/templates/contactedit.html |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/skins/larry/templates/contactedit.html b/skins/larry/templates/contactedit.html
index 9978c47..f849366 100644
--- a/skins/larry/templates/contactedit.html
+++ b/skins/larry/templates/contactedit.html
@@ -4,7 +4,7 @@
 <title><roundcube:object name="pagetitle" /></title>
 <roundcube:include file="/includes/links.html" />
 </head>
-<body class="iframe footerbuttons">
+<body class="iframe">
 
 <h1 class="boxtitle">
 	<roundcube:if condition="env:action=='add'" /><roundcube:label name="addcontact" />
@@ -36,7 +36,7 @@
 
 </form>
 
-<div class="footerbuttons formbuttons">
+<div class="footerleft formbuttons">
 	<roundcube:button command="save" type="input" class="button mainaction" label="save" />
 	<roundcube:button command="show" type="input" class="button" label="cancel" condition="env:action=='edit'" />
 	<roundcube:button name="cancel" type="input" class="button" label="cancel" onclick="history.back()" condition="env:action=='add'" />

--
Gitblit v1.9.1