summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoralecpl <alec@alec.pl>2011-11-24 07:53:00 +0000
committeralecpl <alec@alec.pl>2011-11-24 07:53:00 +0000
commit3ad2b1b4b0ac0fc7a6c7a5adaad9a0616b890daf (patch)
treeb4f9d8054a99ad4e20f22a0f7068036673187657
parentc994e0e7cd9f593eb21ff80c7c1ddbeaf2a1b12a (diff)
- Applied fixes from trunk up to r5479
Diffstat
-rw-r--r--CHANGELOG7
-rw-r--r--SQL/mssql.initial.sql2
-rw-r--r--SQL/mssql.upgrade.sql5
-rw-r--r--SQL/mysql.initial.sql2
-rw-r--r--SQL/mysql.update.sql4
-rw-r--r--SQL/postgres.initial.sql2
-rw-r--r--SQL/postgres.update.sql4
-rw-r--r--SQL/sqlite.initial.sql2
-rw-r--r--SQL/sqlite.update.sql13
-rw-r--r--plugins/archive/archive.js4
-rw-r--r--plugins/archive/package.xml14
-rw-r--r--plugins/managesieve/Changelog1
-rw-r--r--plugins/managesieve/localization/es_ES.inc26
-rw-r--r--plugins/managesieve/managesieve.js13
-rw-r--r--plugins/managesieve/skins/default/managesieve.css7
-rw-r--r--plugins/password/drivers/ldap.php1
-rw-r--r--plugins/password/drivers/ldap_simple.php1
-rw-r--r--plugins/password/package.xml12
-rw-r--r--program/include/main.inc12
-rw-r--r--program/include/rcube_string_replacer.php2
-rwxr-xr-xprogram/include/rcube_template.php2
-rw-r--r--program/js/app.js278
-rw-r--r--program/js/common.js79
-rw-r--r--program/steps/mail/get.inc2
-rw-r--r--program/steps/settings/func.inc5
-rw-r--r--skins/default/common.css18
-rw-r--r--tests/mailfunc.php1
27 files changed, 345 insertions, 174 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 328865dfb..71be8a90f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,7 +1,14 @@
CHANGELOG Roundcube Webmail
===========================
+- Fix possible infinite redirect on attachment preview (#1488199)
+- Improved clickjacking protection for browsers which don't support X-Frame-Options headers
+- Fixed bug where similiar folder names were highlighted wrong (#1487860)
+- Fixed bug in handling link with '!' character in it (#1488195)
+- Fixed bug where session ID's length was limited to 40 characters (#1488196)
+RELEASE 0.7-beta
+----------------
- Fix handling of HTML form elements in messages (#1485137)
- Fix regression in setting recipient to self when replying to a Sent message (#1487074)
- Fix listing of folders in hidden namespaces (#1486796)
diff --git a/SQL/mssql.initial.sql b/SQL/mssql.initial.sql
index a8d1a0b89..c14114100 100644
--- a/SQL/mssql.initial.sql
+++ b/SQL/mssql.initial.sql
@@ -81,7 +81,7 @@ CREATE TABLE [dbo].[identities] (
GO
CREATE TABLE [dbo].[session] (
- [sess_id] [varchar] (32) COLLATE Latin1_General_CI_AI NOT NULL ,
+ [sess_id] [varchar] (128) COLLATE Latin1_General_CI_AI NOT NULL ,
[created] [datetime] NOT NULL ,
[changed] [datetime] NULL ,
[ip] [varchar] (40) COLLATE Latin1_General_CI_AI NOT NULL ,
diff --git a/SQL/mssql.upgrade.sql b/SQL/mssql.upgrade.sql
index 70cf34d36..eee5ae560 100644
--- a/SQL/mssql.upgrade.sql
+++ b/SQL/mssql.upgrade.sql
@@ -239,3 +239,8 @@ ALTER TABLE [dbo].[cache_messages] ADD CONSTRAINT [FK_cache_messages_user_id]
ON DELETE CASCADE ON UPDATE CASCADE
GO
+-- Updates from version 0.7-beta
+
+ALTER TABLE [dbo].[session] ALTER COLUMN [sess_id] [varchar] (128) COLLATE Latin1_General_CI_AI NOT NULL
+GO
+
diff --git a/SQL/mysql.initial.sql b/SQL/mysql.initial.sql
index 28a90f531..94679f202 100644
--- a/SQL/mysql.initial.sql
+++ b/SQL/mysql.initial.sql
@@ -6,7 +6,7 @@
-- Table structure for table `session`
CREATE TABLE `session` (
- `sess_id` varchar(40) NOT NULL,
+ `sess_id` varchar(128) NOT NULL,
`created` datetime NOT NULL DEFAULT '1000-01-01 00:00:00',
`changed` datetime NOT NULL DEFAULT '1000-01-01 00:00:00',
`ip` varchar(40) NOT NULL,
diff --git a/SQL/mysql.update.sql b/SQL/mysql.update.sql
index 66045392d..07617316b 100644
--- a/SQL/mysql.update.sql
+++ b/SQL/mysql.update.sql
@@ -208,3 +208,7 @@ CREATE TABLE `cache_messages` (
INDEX `changed_index` (`changed`),
PRIMARY KEY (`user_id`, `mailbox`, `uid`)
) /*!40000 ENGINE=INNODB */ /*!40101 CHARACTER SET utf8 COLLATE utf8_general_ci */;
+
+-- Updates from version 0.7-beta
+
+ALTER TABLE `session` CHANGE `sess_id` `sess_id` varchar(128) NOT NULL;
diff --git a/SQL/postgres.initial.sql b/SQL/postgres.initial.sql
index 06ecad4eb..3710dac4a 100644
--- a/SQL/postgres.initial.sql
+++ b/SQL/postgres.initial.sql
@@ -37,7 +37,7 @@ CREATE INDEX users_alias_id_idx ON users (alias);
--
CREATE TABLE "session" (
- sess_id varchar(40) DEFAULT '' PRIMARY KEY,
+ sess_id varchar(128) DEFAULT '' PRIMARY KEY,
created timestamp with time zone DEFAULT now() NOT NULL,
changed timestamp with time zone DEFAULT now() NOT NULL,
ip varchar(41) NOT NULL,
diff --git a/SQL/postgres.update.sql b/SQL/postgres.update.sql
index 2935cd483..c96669dc8 100644
--- a/SQL/postgres.update.sql
+++ b/SQL/postgres.update.sql
@@ -165,3 +165,7 @@ CREATE TABLE cache_messages (
);
CREATE INDEX cache_messages_changed_idx ON cache_messages (changed);
+
+-- Updates from version 0.7-beta
+
+ALTER TABLE "session" ALTER sess_id TYPE varchar(128);
diff --git a/SQL/sqlite.initial.sql b/SQL/sqlite.initial.sql
index 80c82a1a1..8c8da5c0f 100644
--- a/SQL/sqlite.initial.sql
+++ b/SQL/sqlite.initial.sql
@@ -110,7 +110,7 @@ CREATE INDEX ix_users_alias ON users(alias);
--
CREATE TABLE session (
- sess_id varchar(40) NOT NULL PRIMARY KEY,
+ sess_id varchar(128) NOT NULL PRIMARY KEY,
created datetime NOT NULL default '0000-00-00 00:00:00',
changed datetime NOT NULL default '0000-00-00 00:00:00',
ip varchar(40) NOT NULL default '',
diff --git a/SQL/sqlite.update.sql b/SQL/sqlite.update.sql
index 0193c7c39..92f6da142 100644
--- a/SQL/sqlite.update.sql
+++ b/SQL/sqlite.update.sql
@@ -282,3 +282,16 @@ CREATE TABLE cache_messages (
);
CREATE INDEX ix_cache_messages_changed ON cache_messages (changed);
+
+-- Updates from version 0.7-beta
+
+DROP TABLE session;
+CREATE TABLE session (
+ sess_id varchar(128) NOT NULL PRIMARY KEY,
+ created datetime NOT NULL default '0000-00-00 00:00:00',
+ changed datetime NOT NULL default '0000-00-00 00:00:00',
+ ip varchar(40) NOT NULL default '',
+ vars text NOT NULL
+);
+
+CREATE INDEX ix_session_changed ON session (changed);
diff --git a/plugins/archive/archive.js b/plugins/archive/archive.js
index a83750819..5c576e100 100644
--- a/plugins/archive/archive.js
+++ b/plugins/archive/archive.js
@@ -27,7 +27,9 @@ if (window.rcmail) {
// set css style for archive folder
var li;
- if (rcmail.env.archive_folder && rcmail.env.archive_folder_icon && (li = rcmail.get_folder_li(rcmail.env.archive_folder)))
+ if (rcmail.env.archive_folder && rcmail.env.archive_folder_icon
+ && (li = rcmail.get_folder_li(rcmail.env.archive_folder, '', true))
+ )
$(li).css('background-image', 'url(' + rcmail.env.archive_folder_icon + ')');
})
}
diff --git a/plugins/archive/package.xml b/plugins/archive/package.xml
index c442a5c4d..c549fc9b7 100644
--- a/plugins/archive/package.xml
+++ b/plugins/archive/package.xml
@@ -13,10 +13,9 @@
<email>roundcube@gmail.com</email>
<active>yes</active>
</lead>
- <date>2010-02-06</date>
- <time>12:12:00</time>
+ <date>2011-11-23</date>
<version>
- <release>1.4</release>
+ <release>1.5</release>
<api>1.4</api>
</version>
<stability>
@@ -35,14 +34,21 @@
<tasks:replace from="@name@" to="name" type="package-info"/>
<tasks:replace from="@package_version@" to="version" type="package-info"/>
</file>
- <file name="localization/en_US.inc" role="data"></file>
<file name="localization/cs_CZ.inc" role="data"></file>
<file name="localization/de_CH.inc" role="data"></file>
<file name="localization/de_DE.inc" role="data"></file>
+ <file name="localization/en_US.inc" role="data"></file>
+ <file name="localization/es_AR.inc" role="data"></file>
+ <file name="localization/es_ES.inc" role="data"></file>
<file name="localization/et_EE.inc" role="data"></file>
<file name="localization/fr_FR.inc" role="data"></file>
+ <file name="localization/gl_ES.inc" role="data"></file>
+ <file name="localization/ja_JP.inc" role="data"></file>
+ <file name="localization/nl_NL.inc" role="data"></file>
<file name="localization/pl_PL.inc" role="data"></file>
+ <file name="localization/pt_BR.inc" role="data"></file>
<file name="localization/ru_RU.inc" role="data"></file>
+ <file name="localization/sv_SE.inc" role="data"></file>
<file name="localization/zh_TW.inc" role="data"></file>
<file name="skins/default/archive_act.png" role="data"></file>
<file name="skins/default/archive_pas.png" role="data"></file>
diff --git a/plugins/managesieve/Changelog b/plugins/managesieve/Changelog
index d7ef8e561..05506120e 100644
--- a/plugins/managesieve/Changelog
+++ b/plugins/managesieve/Changelog
@@ -1,4 +1,5 @@
- Fixed setting test type to :is when none is specified
+- Fixed javascript error in IE8
* version 5.0-rc1 [2011-11-17]
-----------------------------------------------------------
diff --git a/plugins/managesieve/localization/es_ES.inc b/plugins/managesieve/localization/es_ES.inc
index 1dad18d99..df9d3a79d 100644
--- a/plugins/managesieve/localization/es_ES.inc
+++ b/plugins/managesieve/localization/es_ES.inc
@@ -53,6 +53,31 @@ $labels['none'] = 'ninguno';
$labels['fromset'] = 'de conjunto ';
$labels['fromfile'] = 'de archivo';
$labels['filterdisabled'] = 'Filtro desactivado';
+$labels['filtermatches'] = 'coincide con la expresión';
+$labels['filternotmatches'] = 'no coincide con la expresión';
+$labels['filterregex'] = 'coincide con la expresión regular';
+$labels['filternotregex'] = 'no coincide con la expresión regular';
+$labels['vacationsubject'] = 'Asunto del Mensaje:';
+$labels['countisgreaterthan'] = 'contiene más que';
+$labels['countisgreaterthanequal'] = 'contiene más o igual que';
+$labels['countislessthan'] = 'contiene menos que';
+$labels['countislessthanequal'] = 'contiene menos o igual que';
+$labels['countequals'] = 'contiene igual que';
+$labels['countnotequals'] = 'contiene distinto que';
+$labels['valueisgreaterthan'] = 'el valor es mayor que';
+$labels['valueisgreaterthanequal'] = 'el valor es mayor o igual que';
+$labels['valueislessthan'] = 'el valor es menor que';
+$labels['valueislessthanequal'] = 'el valor es menor o igual que';
+$labels['valueequals'] = 'el valor es igual que';
+$labels['valuenotequals'] = 'el valor es distinto que';
+$labels['setflags'] = 'Etiquetar el mensaje';
+$labels['addflags'] = 'Agregar etiqueta al mensaje';
+$labels['removeflags'] = 'Eliminar etiquetas al mensaje';
+$labels['flagread'] = 'Leido';
+$labels['flagdeleted'] = 'Eliminado';
+$labels['flaganswered'] = 'Respondido';
+$labels['flagflagged'] = 'Marcado';
+$labels['flagdraft'] = 'Borrador';
$messages = array();
$messages['filterunknownerror'] = 'Error desconocido de servidor';
@@ -77,5 +102,6 @@ $messages['setcreateerror'] = 'Imposible crear el conjunto de filtros. Ha ocurri
$messages['setcreated'] = 'Conjunto de filtros creado satisfactoriamente';
$messages['emptyname'] = 'Imposible crear el conjunto de filtros. Sin nombre';
$messages['nametoolong'] = 'Imposible crear el conjunto de filtros. Nombre demasiado largo'
+$messages['setdeactivateerror'] = 'Imposible desactivar el conjunto de filtros seleccionado. Ha ocurrido un error en el servidor';
?>
diff --git a/plugins/managesieve/managesieve.js b/plugins/managesieve/managesieve.js
index a7b15f7b5..a8bfaf203 100644
--- a/plugins/managesieve/managesieve.js
+++ b/plugins/managesieve/managesieve.js
@@ -290,8 +290,8 @@ rcube_webmail.prototype.managesieve_updatelist = function(action, o)
td.innerHTML = el.name;
td.className = 'name';
tr.id = 'rcmrow' + el.id;
- if (el.class)
- tr.className = el.class
+ if (el['class'])
+ tr.className = el['class'];
tr.appendChild(td);
list.insert_row(tr);
@@ -721,13 +721,11 @@ rcube_webmail.prototype.managesieve_create = function()
// load form in the iframe
var frame = $('<iframe>').attr({src: url, frameborder: 0})
- frame.height(dialog.height()); // temp.
- dialog.empty().append(frame);
- dialog.dialog('dialog').resize();
+ dialog.empty().append(frame).dialog('dialog').resize();
// Change [Next Step] button with [Save] button
buttons = {};
- buttons[rcmail.gettext('save')] = function() {
+ buttons[rcmail.gettext('save')] = function() {
var win = $('iframe', dialog).get(0).contentWindow;
win.rcmail.managesieve_save();
};
@@ -743,7 +741,8 @@ rcube_webmail.prototype.managesieve_create = function()
close: function() { rcmail.managesieve_dialog_close(); },
buttons: buttons,
minWidth: 600,
- minHeight: 300
+ minHeight: 300,
+ height: 250
}).show();
this.env.managesieve_dialog = dialog;
diff --git a/plugins/managesieve/skins/default/managesieve.css b/plugins/managesieve/skins/default/managesieve.css
index 0b82be6f3..60f632504 100644
--- a/plugins/managesieve/skins/default/managesieve.css
+++ b/plugins/managesieve/skins/default/managesieve.css
@@ -110,6 +110,7 @@ body.iframe
#filter-form
{
min-width: 550px;
+ width: expression(Math.max(550, document.documentElement.clientWidth)+'px');
white-space: nowrap;
padding: 20px 10px 10px 10px;
}
@@ -145,8 +146,8 @@ div.rulerow:hover, div.actionrow:hover
div.rulerow table, div.actionrow table
{
padding: 0px;
- width: 100%;
- min-width: 620px;
+ min-width: 600px;
+ width: expression(Math.max(600, document.documentElement.clientWidth)+'px');
}
td
@@ -189,6 +190,7 @@ td.rowactions
{
white-space: nowrap;
width: 1%;
+ padding-top: 2px;
}
td.rowtargets
@@ -196,6 +198,7 @@ td.rowtargets
white-space: nowrap;
width: 98%;
padding-left: 3px;
+ padding-top: 2px;
}
td.rowtargets div.adv
diff --git a/plugins/password/drivers/ldap.php b/plugins/password/drivers/ldap.php
index 3ea30a69c..e6450e5e1 100644
--- a/plugins/password/drivers/ldap.php
+++ b/plugins/password/drivers/ldap.php
@@ -272,6 +272,7 @@ function hashPassword( $passwordClear, $encodageType )
case 'samba':
if (function_exists('hash')) {
$cryptedPassword = hash('md4', rcube_charset_convert($passwordClear, RCMAIL_CHARSET, 'UTF-16LE'));
+ $cryptedPassword = strtoupper($cryptedPassword);
} else {
/* Your PHP install does not have the hash() function */
return false;
diff --git a/plugins/password/drivers/ldap_simple.php b/plugins/password/drivers/ldap_simple.php
index 482b7e56f..2f51b7547 100644
--- a/plugins/password/drivers/ldap_simple.php
+++ b/plugins/password/drivers/ldap_simple.php
@@ -238,6 +238,7 @@ function ldap_simple_hash_password($password_clear, $encodage_type)
case 'samba':
if (function_exists('hash')) {
$crypted_password = hash('md4', rcube_charset_convert($password_clear, RCMAIL_CHARSET, 'UTF-16LE'));
+ $crypted_password = strtoupper($crypted_password);
} else {
/* Your PHP install does not have the hash() function */
return false;
diff --git a/plugins/password/package.xml b/plugins/password/package.xml
index d3f4bea9b..45688e118 100644
--- a/plugins/password/package.xml
+++ b/plugins/password/package.xml
@@ -15,10 +15,9 @@
<email>alec@alec.pl</email>
<active>yes</active>
</lead>
- <date></date>
- <time></time>
+ <date>2011-11-23</date>
<version>
- <release></release>
+ <release>2.4</release>
<api>1.6</api>
</version>
<stability>
@@ -28,6 +27,7 @@
<license uri="http://www.gnu.org/licenses/gpl-2.0.html">GNU GPLv2</license>
<notes>
- Added option to use punycode or unicode for domain names (#1488103)
+- Save Samba password hashes in capital letters (#1488197)
</notes>
<contents>
<dir baseinstalldir="/" name="/">
@@ -51,21 +51,27 @@
<file name="localization/de_CH.inc" role="data"></file>
<file name="localization/de_DE.inc" role="data"></file>
<file name="localization/en_US.inc" role="data"></file>
+ <file name="localization/es_AR.inc" role="data"></file>
<file name="localization/es_ES.inc" role="data"></file>
<file name="localization/et_EE.inc" role="data"></file>
<file name="localization/fi_FI.inc" role="data"></file>
<file name="localization/fr_FR.inc" role="data"></file>
<file name="localization/gl_ES.inc" role="data"></file>
+ <file name="localization/hr_HR.inc" role="data"></file>
<file name="localization/hu_HU.inc" role="data"></file>
<file name="localization/it_IT.inc" role="data"></file>
+ <file name="localization/ja_JA.inc" role="data"></file>
<file name="localization/lt_LT.inc" role="data"></file>
<file name="localization/lv_LV.inc" role="data"></file>
<file name="localization/nl_NL.inc" role="data"></file>
<file name="localization/pl_PL.inc" role="data"></file>
<file name="localization/pt_BR.inc" role="data"></file>
<file name="localization/pt_PT.inc" role="data"></file>
+ <file name="localization/ru_RU.inc" role="data"></file>
+ <file name="localization/sk_SK.inc" role="data"></file>
<file name="localization/sl_SI.inc" role="data"></file>
<file name="localization/sv_SE.inc" role="data"></file>
+ <file name="localization/tr_TR.inc" role="data"></file>
<file name="localization/zh_TW.inc" role="data"></file>
<file name="drivers/chgsaslpasswd.c" role="data"></file>
diff --git a/program/include/main.inc b/program/include/main.inc
index c84e5ad6b..25940bd67 100644
--- a/program/include/main.inc
+++ b/program/include/main.inc
@@ -730,12 +730,14 @@ function asciiwords($str, $css_id = false, $replace_with = '')
/**
* Convert the given string into a valid HTML identifier
- * Same functionality as done in app.js with this.identifier_expr
- *
+ * Same functionality as done in app.js with rcube_webmail.html_identifier()
*/
-function html_identifier($str)
+function html_identifier($str, $encode=false)
{
- return asciiwords($str, true, '_');
+ if ($encode)
+ return rtrim(strtr(base64_encode($str), '+/', '-_'), '=');
+ else
+ return asciiwords($str, true, '_');
}
/**
@@ -1331,7 +1333,7 @@ function rcmail_render_folder_tree_html(&$arrFolders, &$mbox_name, &$jslist, $at
}
// make folder name safe for ids and class names
- $folder_id = html_identifier($folder['id']);
+ $folder_id = html_identifier($folder['id'], true);
$classes = array('mailbox');
// set special class for Sent, Drafts, Trash and Junk
diff --git a/program/include/rcube_string_replacer.php b/program/include/rcube_string_replacer.php
index 8997ca342..1cd1ef9fe 100644
--- a/program/include/rcube_string_replacer.php
+++ b/program/include/rcube_string_replacer.php
@@ -39,7 +39,7 @@ class rcube_string_replacer
// Support unicode/punycode in top-level domain part
$utf_domain = '[^?&@"\'\\/()\s\r\t\n]+\\.([^\\x00-\\x2f\\x3b-\\x40\\x5b-\\x60\\x7b-\\x7f]{2,}|xn--[a-z0-9]{2,})';
$url1 = '.:;,';
- $url2 = 'a-z0-9%=#@+?&\\/_~\\[\\]{}-';
+ $url2 = 'a-z0-9%=#@+?!&\\/_~\\[\\]{}-';
$this->link_pattern = "/([\w]+:\/\/|\Wwww\.)($utf_domain([$url1]?[$url2]+)*)/i";
$this->mailto_pattern = "/("
diff --git a/program/include/rcube_template.php b/program/include/rcube_template.php
index 11c251ac5..ea221767c 100755
--- a/program/include/rcube_template.php
+++ b/program/include/rcube_template.php
@@ -71,6 +71,7 @@ class rcube_template extends rcube_html_page
//$this->framed = $framed;
$this->set_env('task', $task);
+ $this->set_env('x_frame_options', $this->app->config->get('x_frame_options', 'sameorigin'));
// load the correct skin (in case user-defined)
$this->set_skin($this->config['skin']);
@@ -915,6 +916,7 @@ class rcube_template extends rcube_html_page
// make valid href to specific buttons
if (in_array($attrib['command'], rcmail::$main_tasks)) {
$attrib['href'] = rcmail_url(null, null, $attrib['command']);
+ $attrib['onclick'] = sprintf("%s.switch_task('%s');return false", JS_OBJECT_NAME, $attrib['command']);
}
else if ($attrib['task'] && in_array($attrib['task'], rcmail::$main_tasks)) {
$attrib['href'] = rcmail_url($attrib['command'], null, $attrib['task']);
diff --git a/program/js/app.js b/program/js/app.js
index 8b98a4268..6c0d2cd8d 100644
--- a/program/js/app.js
+++ b/program/js/app.js
@@ -37,7 +37,7 @@ function rcube_webmail()
// webmail client settings
this.dblclick_time = 500;
- this.message_time = 2000;
+ this.message_time = 4000;
this.identifier_expr = new RegExp('[^0-9a-z\-_]', 'gi');
@@ -128,7 +128,7 @@ function rcube_webmail()
// initialize webmail client
this.init = function()
{
- var p = this;
+ var n, p = this;
this.task = this.env.task;
// check browser
@@ -138,13 +138,29 @@ function rcube_webmail()
}
// find all registered gui containers
- for (var n in this.gui_containers)
+ for (n in this.gui_containers)
this.gui_containers[n] = $('#'+this.gui_containers[n]);
// find all registered gui objects
- for (var n in this.gui_objects)
+ for (n in this.gui_objects)
this.gui_objects[n] = rcube_find_object(this.gui_objects[n]);
+ // clickjacking protection
+ if (this.env.x_frame_options) {
+ try {
+ // bust frame if not allowed
+ if (this.env.x_frame_options == 'deny' && top.location.href != self.location.href)
+ top.location.href = self.location.href;
+ else if (top.location.hostname != self.location.hostname)
+ throw 1;
+ } catch (e) {
+ // possible clickjacking attack: disable all form elements
+ $('form').each(function(){ ref.lock_form(this, true); });
+ this.display_message("Blocked: possible clickjacking attack!", 'error');
+ return;
+ }
+ }
+
// init registered buttons
this.init_buttons();
@@ -380,8 +396,10 @@ function rcube_webmail()
$('#rcmloginpwd').focus();
// detect client timezone
- var tz = new Date().getTimezoneOffset() / -60;
- var stdtz = new Date().getStdTimezoneOffset() / -60;
+ var dt = new Date(),
+ tz = dt.getTimezoneOffset() / -60,
+ stdtz = dt.getStdTimezoneOffset() / -60;
+
$('#rcmlogintz').val(stdtz);
$('#rcmlogindst').val(tz > stdtz ? 1 : 0);
@@ -442,7 +460,7 @@ function rcube_webmail()
// execute a specific command on the web client
this.command = function(command, props, obj)
{
- var ret;
+ var ret, uid, cid, url, flag;
if (obj && obj.blur)
obj.blur();
@@ -517,7 +535,6 @@ function rcube_webmail()
return false;
case 'open':
- var uid;
if (uid = this.get_single_uid()) {
obj.href = '?_task='+this.env.task+'&_action=show&_mbox='+urlencode(this.env.mailbox)+'&_uid='+uid;
return true;
@@ -586,7 +603,7 @@ function rcube_webmail()
// common commands used in multiple tasks
case 'show':
if (this.task == 'mail') {
- var uid = this.get_single_uid();
+ uid = this.get_single_uid();
if (uid && (!this.env.uid || uid != this.env.uid)) {
if (this.env.mailbox == this.env.drafts_mailbox)
this.goto_url('compose', '_draft_uid='+uid+'&_mbox='+urlencode(this.env.mailbox), true);
@@ -595,7 +612,7 @@ function rcube_webmail()
}
}
else if (this.task == 'addressbook') {
- var cid = props ? props : this.get_single_cid();
+ cid = props ? props : this.get_single_cid();
if (cid && !(this.env.action == 'show' && cid == this.env.cid))
this.load_contact(cid, 'show');
}
@@ -611,13 +628,12 @@ function rcube_webmail()
break;
case 'edit':
- var cid;
if (this.task=='addressbook' && (cid = this.get_single_cid()))
this.load_contact(cid, 'edit');
else if (this.task=='settings' && props)
this.load_identity(props, 'edit-identity');
else if (this.task=='mail' && (cid = this.get_single_uid())) {
- var url = (this.env.mailbox == this.env.drafts_mailbox) ? '_draft_uid=' : '_uid=';
+ url = (this.env.mailbox == this.env.drafts_mailbox) ? '_draft_uid=' : '_uid=';
this.goto_url('compose', url+cid+'&_mbox='+urlencode(this.env.mailbox), true);
}
break;
@@ -695,7 +711,7 @@ function rcube_webmail()
if (props && !props._row)
break;
- var uid, flag = 'read';
+ flag = 'read';
if (props._row.uid) {
uid = props._row.uid;
@@ -715,7 +731,7 @@ function rcube_webmail()
if (props && !props._row)
break;
- var uid, flag = 'flagged';
+ flag = 'flagged';
if (props._row.uid) {
uid = props._row.uid;
@@ -811,7 +827,7 @@ function rcube_webmail()
break;
case 'compose':
- var url = this.url('mail/compose');
+ url = this.url('mail/compose');
if (this.task == 'mail') {
url += '&_mbox='+urlencode(this.env.mailbox);
@@ -921,9 +937,8 @@ function rcube_webmail()
case 'reply-all':
case 'reply-list':
case 'reply':
- var uid;
if (uid = this.get_single_uid()) {
- var url = '_reply_uid='+uid+'&_mbox='+urlencode(this.env.mailbox);
+ url = '_reply_uid='+uid+'&_mbox='+urlencode(this.env.mailbox);
if (command == 'reply-all')
// do reply-list, when list is detected and popup menu wasn't used
url += '&_all=' + (!props && this.commands['reply-list'] ? 'list' : 'all');
@@ -936,7 +951,6 @@ function rcube_webmail()
case 'forward-attachment':
case 'forward':
- var uid, url;
if (uid = this.get_single_uid()) {
url = '_forward_uid='+uid+'&_mbox='+urlencode(this.env.mailbox);
if (command == 'forward-attachment' || (!props && this.env.forward_attachment))
@@ -946,7 +960,6 @@ function rcube_webmail()
break;
case 'print':
- var uid;
if (uid = this.get_single_uid()) {
ref.printwin = window.open(this.env.comm_path+'&_action=print&_uid='+uid+'&_mbox='+urlencode(this.env.mailbox)+(this.env.safemode ? '&_safe=1' : ''));
if (this.printwin) {
@@ -958,7 +971,6 @@ function rcube_webmail()
break;
case 'viewsource':
- var uid;
if (uid = this.get_single_uid()) {
ref.sourcewin = window.open(this.env.comm_path+'&_action=viewsource&_uid='+uid+'&_mbox='+urlencode(this.env.mailbox));
if (this.sourcewin)
@@ -967,7 +979,6 @@ function rcube_webmail()
break;
case 'download':
- var uid;
if (uid = this.get_single_uid())
this.goto_url('viewsource', '&_uid='+uid+'&_mbox='+urlencode(this.env.mailbox)+'&_save=1');
break;
@@ -1064,10 +1075,10 @@ function rcube_webmail()
// set command(s) enabled or disabled
this.enable_command = function()
{
- var args = Array.prototype.slice.call(arguments),
+ var i, n, args = Array.prototype.slice.call(arguments),
enable = args.pop(), cmd;
- for (var n=0; n<args.length; n++) {
+ for (n=0; n<args.length; n++) {
cmd = args[n];
// argument of type array
if (typeof cmd === 'string') {
@@ -1076,7 +1087,7 @@ function rcube_webmail()
}
// push array elements into commands array
else {
- for (var i in cmd)
+ for (i in cmd)
args.push(cmd[i]);
}
}
@@ -1203,6 +1214,24 @@ function rcube_webmail()
this.http_post('save-pref', request);
};
+ this.html_identifier = function(str, encode)
+ {
+ str = String(str);
+ if (encode)
+ return Base64.encode(str).replace(/=+$/, '').replace(/\+/g, '-').replace(/\//g, '_');
+ else
+ return str.replace(this.identifier_expr, '_');
+ };
+
+ this.html_identifier_decode = function(str)
+ {
+ str = String(str).replace(/-/g, '+').replace(/_/g, '/');
+
+ while (str.length % 4) str += '=';
+
+ return Base64.decode(str);
+ };
+
/*********************************************************/
/********* event handling methods *********/
@@ -1249,13 +1278,14 @@ function rcube_webmail()
this.initialBodyScrollTop = bw.ie ? 0 : window.pageYOffset;
this.initialListScrollTop = this.gui_objects.folderlist.parentNode.scrollTop;
- var li, pos, list, height;
- list = $(this.gui_objects.folderlist);
- pos = list.offset();
+ var k, li, height,
+ list = $(this.gui_objects.folderlist);
+ pos = list.offset();
+
this.env.folderlist_coords = { x1:pos.left, y1:pos.top, x2:pos.left + list.width(), y2:pos.top + list.height() };
this.env.folder_coords = [];
- for (var k in model) {
+ for (k in model) {
if (li = this.get_folder_li(k)) {
// only visible folders
if (height = li.firstChild.offsetHeight) {
@@ -1291,19 +1321,18 @@ function rcube_webmail()
this.drag_move = function(e)
{
if (this.gui_objects.folderlist && this.env.folder_coords) {
- // offsets to compensate for scrolling while dragging a message
- var boffset = bw.ie ? -document.documentElement.scrollTop : this.initialBodyScrollTop;
- var moffset = this.initialListScrollTop-this.gui_objects.folderlist.parentNode.scrollTop;
- var toffset = -moffset-boffset;
- var li, div, pos, mouse, check, oldclass,
- layerclass = 'draglayernormal';
+ var k, li, div, check, oldclass,
+ layerclass = 'draglayernormal',
+ mouse = rcube_event.get_mouse_pos(e),
+ pos = this.env.folderlist_coords,
+ // offsets to compensate for scrolling while dragging a message
+ boffset = bw.ie ? -document.documentElement.scrollTop : this.initialBodyScrollTop,
+ moffset = this.initialListScrollTop-this.gui_objects.folderlist.parentNode.scrollTop;
if (this.contact_list && this.contact_list.draglayer)
oldclass = this.contact_list.draglayer.attr('class');
- mouse = rcube_event.get_mouse_pos(e);
- pos = this.env.folderlist_coords;
- mouse.y += toffset;
+ mouse.y += -moffset-boffset;
// if mouse pointer is outside of folderlist
if (mouse.x < pos.x1 || mouse.x >= pos.x2 || mouse.y < pos.y1 || mouse.y >= pos.y2) {
@@ -1318,10 +1347,10 @@ function rcube_webmail()
}
// over the folders
- for (var k in this.env.folder_coords) {
+ for (k in this.env.folder_coords) {
pos = this.env.folder_coords[k];
if (mouse.x >= pos.x1 && mouse.x < pos.x2 && mouse.y >= pos.y1 && mouse.y < pos.y2){
- if ((check = this.check_droptarget(k))) {
+ if ((check = this.check_droptarget(k))) {
li = this.get_folder_li(k);
div = $(li.getElementsByTagName('div')[0]);
@@ -1332,9 +1361,9 @@ function rcube_webmail()
this.folder_auto_expand = k;
this.folder_auto_timer = window.setTimeout(function() {
- rcmail.command('collapse-folder', rcmail.folder_auto_expand);
- rcmail.drag_start(null);
- }, 1000);
+ rcmail.command('collapse-folder', rcmail.folder_auto_expand);
+ rcmail.drag_start(null);
+ }, 1000);
} else if (this.folder_auto_timer) {
window.clearTimeout(this.folder_auto_timer);
this.folder_auto_timer = null;
@@ -1360,31 +1389,29 @@ function rcube_webmail()
}
};
- this.collapse_folder = function(id)
+ this.collapse_folder = function(name)
{
- var li = this.get_folder_li(id),
- div = $(li.getElementsByTagName('div')[0]);
-
- if (!div || (!div.hasClass('collapsed') && !div.hasClass('expanded')))
- return;
-
- var ul = $(li.getElementsByTagName('ul')[0]);
+ var li = this.get_folder_li(name, '', true),
+ div = $('div:first', li),
+ ul = $('ul:first', li);
if (div.hasClass('collapsed')) {
ul.show();
div.removeClass('collapsed').addClass('expanded');
- var reg = new RegExp('&'+urlencode(id)+'&');
+ var reg = new RegExp('&'+urlencode(name)+'&');
this.env.collapsed_folders = this.env.collapsed_folders.replace(reg, '');
}
- else {
+ else if (div.hasClass('expanded')) {
ul.hide();
div.removeClass('expanded').addClass('collapsed');
- this.env.collapsed_folders = this.env.collapsed_folders+'&'+urlencode(id)+'&';
+ this.env.collapsed_folders = this.env.collapsed_folders+'&'+urlencode(name)+'&';
// select parent folder if one of its childs is currently selected
- if (this.env.mailbox.indexOf(id + this.env.delimiter) == 0)
- this.command('list', id);
+ if (this.env.mailbox.indexOf(name + this.env.delimiter) == 0)
+ this.command('list', name);
}
+ else
+ return;
// Work around a bug in IE6 and IE7, see #1485309
if (bw.ie6 || bw.ie7) {
@@ -1396,7 +1423,7 @@ function rcube_webmail()
}
this.command('save-pref', { name: 'collapsed_folders', value: this.env.collapsed_folders });
- this.set_unread_count_display(id, false);
+ this.set_unread_count_display(name, false);
};
this.doc_mouse_up = function(e)
@@ -1989,7 +2016,7 @@ function rcube_webmail()
if (mbox != this.env.mailbox || (mbox == this.env.mailbox && !page && !sort))
url += '&_refresh=1';
- this.select_folder(mbox);
+ this.select_folder(mbox, '', true);
this.env.mailbox = mbox;
// load message list remotely
@@ -3349,16 +3376,8 @@ function rcube_webmail()
this.remove_from_attachment_list = function(name)
{
- if (this.env.attachments[name])
- delete this.env.attachments[name];
-
- if (!this.gui_objects.attachmentlist)
- return false;
-
- var list = this.gui_objects.attachmentlist.getElementsByTagName("li");
- for (i=0; i<list.length; i++)
- if (list[i].id == name)
- this.gui_objects.attachmentlist.removeChild(list[i]);
+ delete this.env.attachments[name];
+ $('#'+name).remove();
};
this.remove_attachment = function(name)
@@ -3695,7 +3714,7 @@ function rcube_webmail()
return;
// display search results
- var ul, li, text, init,
+ var i, len, ul, li, text, init,
value = this.ksearch_value,
data = this.ksearch_data,
maxlen = this.env.autocomplete_max ? this.env.autocomplete_max : 15;
@@ -3726,8 +3745,8 @@ function rcube_webmail()
}
// add each result line to list
- if (results && results.length) {
- for (i=0; i < results.length && maxlen > 0; i++) {
+ if (results && (len = results.length)) {
+ for (i=0; i < len && maxlen > 0; i++) {
text = typeof results[i] === 'object' ? results[i].name : results[i];
li = document.createElement('LI');
li.innerHTML = text.replace(new RegExp('('+RegExp.escape(value)+')', 'ig'), '##$1%%').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/##([^%]+)%%/g, '<b>$1</b>');
@@ -3748,7 +3767,7 @@ function rcube_webmail()
}
}
- if (results && results.length)
+ if (len)
this.env.contacts = this.env.contacts.concat(results);
// run next parallel search
@@ -4031,10 +4050,10 @@ function rcube_webmail()
this.delete_contacts = function()
{
- // exit if no mailbox specified or if selection is empty
var selection = this.contact_list.get_selection(),
undelete = this.env.address_sources[this.env.source].undelete;
+ // exit if no mailbox specified or if selection is empty
if (!(selection.length || this.env.cid) || (!undelete && !confirm(this.get_label('deletecontactconfirm'))))
return;
@@ -4075,7 +4094,7 @@ function rcube_webmail()
{
var c, row, list = this.contact_list;
- cid = String(cid).replace(this.identifier_expr, '_');
+ cid = this.html_identifier(cid);
// when in searching mode, concat cid with the source name
if (!list.rows[cid]) {
@@ -4091,7 +4110,7 @@ function rcube_webmail()
// cid change
if (newcid) {
- newcid = String(newcid).replace(this.identifier_expr, '_');
+ newcid = this.html_identifier(newcid);
row.id = 'rcmrow' + newcid;
list.remove_row(cid);
list.init_row(row);
@@ -4110,7 +4129,7 @@ function rcube_webmail()
var c, list = this.contact_list,
row = document.createElement('tr');
- row.id = 'rcmrow'+String(cid).replace(this.identifier_expr, '_');
+ row.id = 'rcmrow'+this.html_identifier(cid);
row.className = 'contact';
if (list.in_selection(cid))
@@ -4292,7 +4311,7 @@ function rcube_webmail()
.attr('rel', prop.source+':'+prop.id)
.click(function() { return rcmail.command('listgroup', prop, this); })
.html(prop.name),
- li = $('<li>').attr({id: 'rcmli'+key.replace(this.identifier_expr, '_'), 'class': 'contactgroup'})
+ li = $('<li>').attr({id: 'rcmli'+this.html_identifier(key), 'class': 'contactgroup'})
.append(link);
this.env.contactfolders[key] = this.env.contactgroups[key] = prop;
@@ -4315,7 +4334,7 @@ function rcube_webmail()
var newkey = 'G'+prop.source+prop.newid,
newprop = $.extend({}, prop);;
- li.id = String('rcmli'+newkey).replace(this.identifier_expr, '_');
+ li.id = 'rcmli' + this.html_identifier(newkey);
this.env.contactfolders[newkey] = this.env.contactfolders[key];
this.env.contactfolders[newkey].id = prop.newid;
this.env.group = prop.newid;
@@ -4347,7 +4366,7 @@ function rcube_webmail()
{
var row, name = prop.name.toUpperCase(),
sibling = this.get_folder_li(prop.source),
- prefix = 'rcmliG'+(prop.source).replace(this.identifier_expr, '_');
+ prefix = 'rcmliG' + this.html_identifier(prop.source);
// When renaming groups, we need to remove it from DOM and insert it in the proper place
if (reloc) {
@@ -4418,7 +4437,7 @@ function rcube_webmail()
.appendTo(cell);
this.init_edit_field(col, input);
-
+
if (colprop.type == 'date' && $.datepicker)
input.datepicker();
}
@@ -4580,7 +4599,7 @@ function rcube_webmail()
.attr('rel', id)
.click(function() { return rcmail.command('listsearch', id, this); })
.html(name),
- li = $('<li>').attr({id: 'rcmli'+key.replace(this.identifier_expr, '_'), 'class': 'contactsearch'})
+ li = $('<li>').attr({id: 'rcmli' + this.html_identifier(key), 'class': 'contactsearch'})
.append(link),
prop = {name:name, id:id, li:li[0]};
@@ -5151,17 +5170,18 @@ function rcube_webmail()
init_button(cmd, this.buttons[cmd][i]);
}
}
+
+ // set active task button
+ this.set_button(this.task, 'sel');
};
// set button to a specific state
this.set_button = function(command, state)
{
- var button, obj, a_buttons = this.buttons[command];
-
- if (!a_buttons || !a_buttons.length)
- return false;
+ var n, button, obj, a_buttons = this.buttons[command],
+ len = a_buttons ? a_buttons.length : 0;
- for (var n=0; n<a_buttons.length; n++) {
+ for (n=0; n<len; n++) {
button = a_buttons[n];
obj = document.getElementById(button.id);
@@ -5196,15 +5216,14 @@ function rcube_webmail()
// display a specific alttext
this.set_alttext = function(command, label)
{
- if (!this.buttons[command] || !this.buttons[command].length)
- return;
+ var n, button, obj, link, a_buttons = this.buttons[command],
+ len = a_buttons ? a_buttons.length : 0;
- var button, obj, link;
- for (var n=0; n<this.buttons[command].length; n++) {
- button = this.buttons[command][n];
+ for (n=0; n<len; n++) {
+ button = a_buttons[n];
obj = document.getElementById(button.id);
- if (button.type=='image' && obj) {
+ if (button.type == 'image' && obj) {
obj.setAttribute('alt', this.get_label(label));
if ((link = obj.parentNode) && link.tagName.toLowerCase() == 'a')
link.setAttribute('title', this.get_label(label));
@@ -5217,20 +5236,18 @@ function rcube_webmail()
// mouse over button
this.button_over = function(command, id)
{
- var button, elm, a_buttons = this.buttons[command];
-
- if (!a_buttons || !a_buttons.length)
- return false;
+ var n, button, obj, a_buttons = this.buttons[command],
+ len = a_buttons ? a_buttons.length : 0;
- for (var n=0; n<a_buttons.length; n++) {
+ for (n=0; n<len; n++) {
button = a_buttons[n];
if (button.id == id && button.status == 'act') {
- elm = document.getElementById(button.id);
- if (elm && button.over) {
+ obj = document.getElementById(button.id);
+ if (obj && button.over) {
if (button.type == 'image')
- elm.src = button.over;
+ obj.src = button.over;
else
- elm.className = button.over;
+ obj.className = button.over;
}
}
}
@@ -5239,20 +5256,18 @@ function rcube_webmail()
// mouse down on button
this.button_sel = function(command, id)
{
- var button, elm, a_buttons = this.buttons[command];
-
- if (!a_buttons || !a_buttons.length)
- return;
+ var n, button, obj, a_buttons = this.buttons[command],
+ len = a_buttons ? a_buttons.length : 0;
- for (var n=0; n<a_buttons.length; n++) {
+ for (n=0; n<len; n++) {
button = a_buttons[n];
if (button.id == id && button.status == 'act') {
- elm = document.getElementById(button.id);
- if (elm && button.sel) {
+ obj = document.getElementById(button.id);
+ if (obj && button.sel) {
if (button.type == 'image')
- elm.src = button.sel;
+ obj.src = button.sel;
else
- elm.className = button.sel;
+ obj.className = button.sel;
}
this.buttons_sel[id] = command;
}
@@ -5262,26 +5277,23 @@ function rcube_webmail()
// mouse out of button
this.button_out = function(command, id)
{
- var button, elm, a_buttons = this.buttons[command];
-
- if (!a_buttons || !a_buttons.length)
- return;
+ var n, button, obj, a_buttons = this.buttons[command],
+ len = a_buttons ? a_buttons.length : 0;
- for (var n=0; n<a_buttons.length; n++) {
+ for (n=0; n<len; n++) {
button = a_buttons[n];
if (button.id == id && button.status == 'act') {
- elm = document.getElementById(button.id);
- if (elm && button.act) {
+ obj = document.getElementById(button.id);
+ if (obj && button.act) {
if (button.type == 'image')
- elm.src = button.act;
+ obj.src = button.act;
else
- elm.className = button.act;
+ obj.className = button.act;
}
}
}
};
-
this.focus_textfield = function(elem)
{
elem._hasfocus = true;
@@ -5315,14 +5327,14 @@ function rcube_webmail()
if (!this.gui_objects.message) {
// save message in order to display after page loaded
if (type != 'loading')
- this.pending_message = new Array(msg, type, timeout);
+ this.pending_message = [msg, type, timeout];
return false;
}
type = type ? type : 'notice';
var ref = this,
- key = String(msg).replace(this.identifier_expr, '_'),
+ key = this.html_identifier(msg),
date = new Date(),
id = type + date.getTime();
@@ -5415,7 +5427,7 @@ function rcube_webmail()
};
// mark a mailbox as selected and set environment variable
- this.select_folder = function(name, prefix)
+ this.select_folder = function(name, prefix, encode)
{
if (this.gui_objects.folderlist) {
var current_li, target_li;
@@ -5423,7 +5435,7 @@ function rcube_webmail()
if ((current_li = $('li.selected', this.gui_objects.folderlist))) {
current_li.removeClass('selected').addClass('unfocused');
}
- if ((target_li = this.get_folder_li(name, prefix))) {
+ if ((target_li = this.get_folder_li(name, prefix, encode))) {
$(target_li).removeClass('unfocused').addClass('selected');
}
@@ -5433,13 +5445,13 @@ function rcube_webmail()
};
// helper method to find a folder list item
- this.get_folder_li = function(name, prefix)
+ this.get_folder_li = function(name, prefix, encode)
{
if (!prefix)
prefix = 'rcmli';
if (this.gui_objects.folderlist) {
- name = String(name).replace(this.identifier_expr, '_');
+ name = this.html_identifier(name, encode);
return document.getElementById(prefix+name);
}
@@ -5553,7 +5565,7 @@ function rcube_webmail()
{
var reg, link, text_obj, item, mycount, childcount, div;
- if (item = this.get_folder_li(mbox)) {
+ if (item = this.get_folder_li(mbox, '', true)) {
mycount = this.env.unread_counts[mbox] ? this.env.unread_counts[mbox] : 0;
link = $(item).children('a').eq(0);
text_obj = link.children('span.unreadcount');
@@ -5565,7 +5577,7 @@ function rcube_webmail()
if ((div = item.getElementsByTagName('div')[0]) &&
div.className.match(/collapsed/)) {
// add children's counters
- for (var k in this.env.unread_counts)
+ for (var k in this.env.unread_counts)
if (k.indexOf(mbox + this.env.delimiter) == 0)
childcount += this.env.unread_counts[k];
}
@@ -5606,16 +5618,12 @@ function rcube_webmail()
this.toggle_prefer_html = function(checkbox)
{
- var elem;
- if (elem = document.getElementById('rcmfd_addrbook_show_images'))
- elem.disabled = !checkbox.checked;
+ $('#rcmfd_show_images').prop('disabled', !checkbox.checked).val(0);
};
this.toggle_preview_pane = function(checkbox)
{
- var elem;
- if (elem = document.getElementById('rcmfd_preview_pane_mark_read'))
- elem.disabled = !checkbox.checked;
+ $('#rcmfd_preview_pane_mark_read').prop('disabled', !checkbox.checked);
};
// display fetched raw headers
@@ -5731,14 +5739,14 @@ function rcube_webmail()
$.ajax({ type: 'POST', url: url, data: htmlText, contentType: 'application/octet-stream',
error: function(o, status, err) { rcmail.http_error(o, status, err, lock); },
- success: function(data) { rcmail.set_busy(false, null, lock); $(document.getElementById(id)).val(data); rcmail.log(data); }
+ success: function(data) { rcmail.set_busy(false, null, lock); $('#'+id).val(data); rcmail.log(data); }
});
};
this.plain2html = function(plainText, id)
{
var lock = this.set_busy(true, 'converting');
- $(document.getElementById(id)).val(plainText ? '<pre>'+plainText+'</pre>' : '');
+ $('#'+id).val(plainText ? '<pre>'+plainText+'</pre>' : '');
this.set_busy(false, null, lock);
};
diff --git a/program/js/common.js b/program/js/common.js
index c13d95e3d..69ec28c4c 100644
--- a/program/js/common.js
+++ b/program/js/common.js
@@ -711,3 +711,82 @@ if (bw.ie)
return obj;
}
}
+
+// This code was written by Tyler Akins and has been placed in the
+// public domain. It would be nice if you left this header intact.
+// Base64 code from Tyler Akins -- http://rumkin.com
+var Base64 = (function () {
+ var keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
+
+ var obj = {
+ /**
+ * Encodes a string in base64
+ * @param {String} input The string to encode in base64.
+ */
+ encode: function (input) {
+ if (typeof(window.btoa) === 'function')
+ return btoa(input);
+
+ var chr1, chr2, chr3, enc1, enc2, enc3, enc4, i = 0, output = '', len = input.length;
+
+ do {
+ chr1 = input.charCodeAt(i++);
+ chr2 = input.charCodeAt(i++);
+ chr3 = input.charCodeAt(i++);
+
+ enc1 = chr1 >> 2;
+ enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
+ enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
+ enc4 = chr3 & 63;
+
+ if (isNaN(chr2))
+ enc3 = enc4 = 64;
+ else if (isNaN(chr3))
+ enc4 = 64;
+
+ output = output
+ + keyStr.charAt(enc1) + keyStr.charAt(enc2)
+ + keyStr.charAt(enc3) + keyStr.charAt(enc4);
+ } while (i < len);
+
+ return output;
+ },
+
+ /**
+ * Decodes a base64 string.
+ * @param {String} input The string to decode.
+ */
+ decode: function (input) {
+ if (typeof(window.atob) === 'function')
+ return atob(input);
+
+ var chr1, chr2, chr3, enc1, enc2, enc3, enc4, len, i = 0, output = '';
+
+ // remove all characters that are not A-Z, a-z, 0-9, +, /, or =
+ input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
+ len = input.length;
+
+ do {
+ enc1 = keyStr.indexOf(input.charAt(i++));
+ enc2 = keyStr.indexOf(input.charAt(i++));
+ enc3 = keyStr.indexOf(input.charAt(i++));
+ enc4 = keyStr.indexOf(input.charAt(i++));
+
+ chr1 = (enc1 << 2) | (enc2 >> 4);
+ chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
+ chr3 = ((enc3 & 3) << 6) | enc4;
+
+ output = output + String.fromCharCode(chr1);
+
+ if (enc3 != 64)
+ output = output + String.fromCharCode(chr2);
+ if (enc4 != 64)
+ output = output + String.fromCharCode(chr3);
+ } while (i < len);
+
+ return output;
+ }
+ };
+
+ return obj;
+})();
diff --git a/program/steps/mail/get.inc b/program/steps/mail/get.inc
index d4dcd0a84..828f8debc 100644
--- a/program/steps/mail/get.inc
+++ b/program/steps/mail/get.inc
@@ -22,7 +22,7 @@
// show loading page
if (!empty($_GET['_preload'])) {
- $url = str_replace('&_preload=1', '', $_SERVER['REQUEST_URI']);
+ $url = preg_replace('/[&?]+_preload=1/', '', $_SERVER['REQUEST_URI']);
$message = rcube_label('loadingdata');
header('Content-Type: text/html; charset=' . RCMAIL_CHARSET);
diff --git a/program/steps/settings/func.inc b/program/steps/settings/func.inc
index 6ba524724..28da87628 100644
--- a/program/steps/settings/func.inc
+++ b/program/steps/settings/func.inc
@@ -437,14 +437,15 @@ function rcmail_user_prefs($current=null)
if (!isset($no_override['show_images'])) {
$field_id = 'rcmfd_show_images';
- $input_show_images = new html_select(array('name' => '_show_images', 'id' => $field_id));
+ $input_show_images = new html_select(array('name' => '_show_images', 'id' => $field_id,
+ 'disabled' => !$config['prefer_html']));
$input_show_images->add(rcube_label('never'), 0);
$input_show_images->add(rcube_label('fromknownsenders'), 1);
$input_show_images->add(rcube_label('always'), 2);
$blocks['main']['options']['show_images'] = array(
'title' => html::label($field_id, Q(rcube_label('showremoteimages'))),
- 'content' => $input_show_images->show($config['show_images']),
+ 'content' => $input_show_images->show($config['prefer_html'] ? $config['show_images'] : 0),
);
}
diff --git a/skins/default/common.css b/skins/default/common.css
index cd3ef62f8..bf00dc351 100644
--- a/skins/default/common.css
+++ b/skins/default/common.css
@@ -5,7 +5,8 @@ body
font-family: "Lucida Grande", Verdana, Arial, Helvetica, sans-serif;
margin: 8px;
background-color: #F6F6F6;
- color: #000000;
+ color: #000;
+ font-size: 12px;
}
body.iframe
@@ -19,9 +20,10 @@ body.extwin
margin: 10px;
}
-body, td, th, div, p, select, input, textarea
+td, th, div, p, select, input, textarea
{
font-size: 12px;
+ font-family: inherit;
}
th
@@ -36,13 +38,13 @@ h3
a, a:active, a:visited
{
- color: #000000;
+ color: #000;
outline: none;
}
a.button, a.button:visited, a.tab, a.tab:visited, a.axislist
{
- color: #000000;
+ color: #000;
text-decoration: none;
}
@@ -56,7 +58,7 @@ a.tab
hr
{
height: 1px;
- background-color: #666666;
+ background-color: #666;
border-style: none;
}
@@ -65,9 +67,9 @@ input[type="button"],
input[type="password"],
textarea
{
- border: 1px solid #666666;
- color: #333333;
- background-color: #ffffff;
+ border: 1px solid #666;
+ color: #333;
+ background-color: #FFF;
}
input, textarea
diff --git a/tests/mailfunc.php b/tests/mailfunc.php
index 6dc60ba04..92234efc6 100644
--- a/tests/mailfunc.php
+++ b/tests/mailfunc.php
@@ -55,7 +55,6 @@ class rcube_test_mailfunc extends UnitTestCase
//$this->assertNoPattern('/<style [^>]+>/', $html, "No style tags allowed");
$this->assertNoPattern('/<form [^>]+>/', $html, "No form tags allowed");
$this->assertPattern('/Subscription form/', $html, "Include <form> contents");
- $this->assertPattern('/<!-- input ignored -->/', $html, "No input elements allowed");
$this->assertPattern('/<!-- link ignored -->/', $html, "No external links allowed");
$this->assertPattern('/<a[^>]+ target="_blank">/', $html, "Set target to _blank");
$this->assertTrue($GLOBALS['REMOTE_OBJECTS'], "Remote object detected");
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-12 13:39:28 +0000