From 681ba6fc3c296cd6cd11050531b8f4e785141786 Mon Sep 17 00:00:00 2001 From: Aleksander Machniak Date: Tue, 16 Dec 2014 13:28:48 +0100 Subject: Improve system security by using optional special URL with security token Allows to define separate server/path for image/js/css files Fix bugs where CSRF attacks were still possible on some requests --- program/include/rcmail_output.php | 1 + 1 file changed, 1 insertion(+) (limited to 'program/include/rcmail_output.php') diff --git a/program/include/rcmail_output.php b/program/include/rcmail_output.php index 0f7aaf966..76ff4e75e 100644 --- a/program/include/rcmail_output.php +++ b/program/include/rcmail_output.php @@ -28,6 +28,7 @@ abstract class rcmail_output extends rcube_output { const JS_OBJECT_NAME = 'rcmail'; + const BLANK_GIF = 'R0lGODlhDwAPAIAAAMDAwAAAACH5BAEAAAAALAAAAAAPAA8AQAINhI+py+0Po5y02otnAQA7'; public $type = 'html'; public $ajax_call = false; -- cgit v1.2.3