diff options
Diffstat (limited to 'plugins')
| -rw-r--r-- | plugins/help/config.inc.php.dist | 2 | ||||
| -rw-r--r-- | plugins/help/help.php | 11 | ||||
| -rw-r--r-- | plugins/help/localization/en_US.inc | 1 |
3 files changed, 14 insertions, 0 deletions
diff --git a/plugins/help/config.inc.php.dist b/plugins/help/config.inc.php.dist index e7eaf7ad5..f135eef8e 100644 --- a/plugins/help/config.inc.php.dist +++ b/plugins/help/config.inc.php.dist @@ -33,3 +33,5 @@ $config['help_license_url'] = null; // Determine whether to open the help in a new window $config['help_open_extwin'] = false; +// URL to additional information about CSRF protection +$config['help_csrf_info'] = null; diff --git a/plugins/help/help.php b/plugins/help/help.php index d71cd0ec6..5387c9f35 100644 --- a/plugins/help/help.php +++ b/plugins/help/help.php @@ -34,6 +34,7 @@ class help extends rcube_plugin $this->register_action('license', array($this, 'action')); $this->add_hook('startup', array($this, 'startup')); + $this->add_hook('error_page', array($this, 'error_page')); } function startup($args) @@ -140,6 +141,16 @@ class help extends rcube_plugin return $rcmail->output->frame($attrib); } + function error_page($args) + { + $rcmail = rcmail::get_instance(); + + if ($args['code'] == 403 && $rcmail->request_status == rcube::REQUEST_ERROR_URL && ($url = $rcmail->config->get('help_csrf_info'))) { + $args['text'] .= '<p>' . html::a(array('href' => $url, 'target' => '_blank'), $this->gettext('csrfinfo')) . '</p>'; + } + + return $args; + } private function resolve_language($path) { diff --git a/plugins/help/localization/en_US.inc b/plugins/help/localization/en_US.inc index b81f02fb9..d44b9a886 100644 --- a/plugins/help/localization/en_US.inc +++ b/plugins/help/localization/en_US.inc @@ -20,5 +20,6 @@ $labels = array(); $labels['help'] = 'Help'; $labels['about'] = 'About'; $labels['license'] = 'License'; +$labels['csrfinfo'] = 'Read more about CSRF and how we protect you'; ?> |