summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoralecpl <alec@alec.pl>2011-11-24 07:34:32 +0000
committeralecpl <alec@alec.pl>2011-11-24 07:34:32 +0000
commit5510a5278b0001b79501ecce82a87ba9797d86e1 (patch)
tree7b214a7232e6576ff216cc5a98564f5476df4349
parentf78b944779d01953f7ee4b522e208a5bc4b30af8 (diff)
- Fix possible infinite redirect on attachment preview (#1488199)
-rw-r--r--CHANGELOG1
-rw-r--r--program/steps/mail/get.inc2
2 files changed, 2 insertions, 1 deletions
diff --git a/CHANGELOG b/CHANGELOG
index a63ed7161..8691b57ef 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG Roundcube Webmail
===========================
+- Fix possible infinite redirect on attachment preview (#1488199)
- Improved clickjacking protection for browsers which don't support X-Frame-Options headers
- Fixed bug where similiar folder names were highlighted wrong (#1487860)
- Fixed bug in handling link with '!' character in it (#1488195)
diff --git a/program/steps/mail/get.inc b/program/steps/mail/get.inc
index d4dcd0a84..828f8debc 100644
--- a/program/steps/mail/get.inc
+++ b/program/steps/mail/get.inc
@@ -22,7 +22,7 @@
// show loading page
if (!empty($_GET['_preload'])) {
- $url = str_replace('&_preload=1', '', $_SERVER['REQUEST_URI']);
+ $url = preg_replace('/[&?]+_preload=1/', '', $_SERVER['REQUEST_URI']);
$message = rcube_label('loadingdata');
header('Content-Type: text/html; charset=' . RCMAIL_CHARSET);