 Fredrik Jervfors
|
2c88b013a0
Updating use of sqgetGlobalVar.
|
17 tahun lalu |
|
Fredrik Jervfors
|
f5d40976f3
Updating my previous comments.
|
17 tahun lalu |
|
Fredrik Jervfors
|
4038839abf
Viewing unsafe images is a core functionality, so I remove these comments.
|
17 tahun lalu |
|
Fredrik Jervfors
|
0c2da19718
Adding comments.
|
17 tahun lalu |
|
Thijs Kinkhorst
|
b57f700812
reset token when another < is detected, to ensure that HTML tags between
|
17 tahun lalu |
|
Thijs Kinkhorst
|
086605a234
fix spelling of variable name which made its meaning confusing
|
17 tahun lalu |
|
Fredrik Jervfors
|
99264da765
Reinserting support for the "iframe_height" option. This might be done in a better way - if so, please do it.
|
17 tahun lalu |
|
pdontthink
|
d36dcbdbe6
Don't let more general attachment plugins override changes made by specific ones; also judge by changes to the defaultlink in addition to added links. Thanks to Thierry Godefroy.
|
17 tahun lalu |
|
pdontthink
|
63f24bd506
avoid E_STRICT errors
|
17 tahun lalu |
|
pdontthink
|
642f901396
A few output elements are used often, so just retrieve them once and make them globally available
|
17 tahun lalu |
|
jangliss
|
44d36821b1
Some IMAP servers handle empty bodies different. NIL is a valid response for the body, but we always expect a literal with a size. See RFC2180 sec 4.1.3.
|
17 tahun lalu |
|
pdontthink
|
2cb20957be
Make mailto: links work when viewing HTML messages. Security folks, can this be exploited?
|
17 tahun lalu |
|
Thijs Kinkhorst
|
f3aa45aa92
drop unneeded global
|
18 tahun lalu |
|
Thijs Kinkhorst
|
6462c7e3de
fix some bugs found by grepping for urlencode/urldecode
|
18 tahun lalu |
|
Thijs Kinkhorst
|
baff951679
color has been dropped as a parameter from (plain_)error_message,
|
18 tahun lalu |
|
pdontthink
|
2747b5f21e
Grammar fix and comment to Marc I think.
|
18 tahun lalu |
|
Thijs Kinkhorst
|
71719fccb1
Security: fixes for the HTML filter to counter further XSS exploits:
|
18 tahun lalu |
|
pdontthink
|
f3f3eb92df
Generate links using templates
|
18 tahun lalu |
|
Thijs Kinkhorst
|
11b10ba5d1
increment year in copyright notices
|
18 tahun lalu |
|
pdontthink
|
717be5c30c
Massive update to plugin system architecture. Please test! Not all core plugins are tested yet, please point out issues that need to be fixed. Please see http://marc.theaimsgroup.com/?t=116282394000001&r=1&w=2
|
18 tahun lalu |
|
Thijs Kinkhorst
|
1c4fe25e5f
tweak comments
|
18 tahun lalu |
|
stekkel
|
d22a11a4d4
More XSS fixes related to magicHtml
|
18 tahun lalu |
|
Thijs Kinkhorst
|
4991adee3b
- Security: close cross site scripting vulnerability in draft, compose
|
18 tahun lalu |
|
pdontthink
|
08bcbd6471
After looking into it, I slightly misunderstood the intention here. Code is just fine as is.
|
19 tahun lalu |
|
pdontthink
|
b6ff5b5a46
Adding ability to hook into ANY attachment type. Also, please review my comments, Does anyone know if/when/how the wildcard attachment code was working??? It looks pretty broken to me, but has been here a long time, so...????
|
19 tahun lalu |
|
stevetruckstuff
|
4a2a0b54a4
Template for viewing HTML messages in iframes
|
19 tahun lalu |
|
stevetruckstuff
|
f427409c19
Create a separate function to build the attachments array so that the same array can be given to printer-freindly views.
|
19 tahun lalu |
|
stevetruckstuff
|
20e71360d8
<span> tags end with </span>, not </style> stupid!
|
19 tahun lalu |
|
stevetruckstuff
|
e08c7d6bad
1) Make translateText use styles instead of $color
|
19 tahun lalu |
|
stevetruckstuff
|
34d254fdd8
create separate vars for download link and unsafe image toggle for later use with templates.
|
19 tahun lalu |
