From ebc619c149f82e9151bbf672cf065447f4d12923 Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Fri, 26 Feb 2010 08:06:48 +0000
Subject: - Fix CVE-2010-0464: Disable DNS prefetching (#1486449)

---
 program/steps/mail/get.inc | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'program/steps/mail/get.inc')

diff --git a/program/steps/mail/get.inc b/program/steps/mail/get.inc
index cb938c08b..a41925a65 100644
--- a/program/steps/mail/get.inc
+++ b/program/steps/mail/get.inc
@@ -41,6 +41,7 @@ if (!empty($_GET['_uid'])) {
   $MESSAGE = new rcube_message(get_input_value('_uid', RCUBE_INPUT_GET));
 }
 
+send_nocacheing_headers();
 
 // show part page
 if (!empty($_GET['_frame'])) {
@@ -66,8 +67,6 @@ else if ($pid = get_input_value('_part', RCUBE_INPUT_GET)) {
     
     $browser = new rcube_browser;
 
-    send_nocacheing_headers();
-    
     // send download headers
     if ($_GET['_download']) {
       header("Content-Type: application/octet-stream");
-- 
cgit v1.2.3