0ct0pu5/squirrelmail
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
14888 commits 3 branches 0 tags 27 MiB
Commit graph

459 commits

Author SHA1 Message Date
pdontthink
c763ff909d
Sanitize part of a header inadvertently included as-is after processing the first part which was encoded (Thanks to yelang123 (@yelang123x) and nga990 (@nga_990)) CVE-2025-30090 2025-04-01 23:13:45 -07:00
pdontthink
598a599ba3
Happy New Year 2025-01-03 11:47:03 -08:00
pdontthink
0472dd0960
Don't need to decode empty string/NULL 2024-09-16 08:03:25 -07:00
pdontthink
39cfdaadfd
Happy New Year 2024-01-02 14:58:16 -08:00
pdontthink
380afc7213
Happy New Year 2023-01-02 22:04:25 -08:00
pdontthink
56f8263300
Greatly fix the plaintext display of messages that do not have a text part. Patch from Alexey Shpakovsky (#496) 2022-05-23 05:18:40 -07:00
pdontthink
bcdfe6e9f1
Happy New Year 2022-01-26 01:06:50 -08:00
pdontthink
39555bed41
Migrate away from using create_function as long as PHP 5.3+ is available 2021-02-08 15:19:14 -08:00
pdontthink
b177d0ef66
Remove random default argument value in the middle of argument list 2021-02-07 23:10:48 -08:00
pdontthink
4783fa1b6a
Stop using curly braces 2021-02-06 09:33:41 -08:00
Andy
fabb21dfcf
Undo Change to Trunk 2021-02-06 09:20:02 -08:00
pdontthink
c4ef1a0eea
Happy New Year 2021-02-05 11:55:37 -08:00
pdontthink
8e48a0bb7b
Remove use of each() as it is deprecated 2021-01-16 02:08:19 -08:00
pdontthink
dc69181ec7 Fix what I think was a misunderstanding of what the extra attribute was supposed to be for the anchor links for attachment actions 2020-11-03 12:51:14 -08:00
pdontthink
2c5c97b38e
Allow plugins to provide their own view/download attachment links 2020-07-11 00:17:34 -07:00
pdontthink
f1976f9dee
Fix previously incomplete commit 2020-07-10 23:22:31 -07:00
pdontthink
eb7f686a56
Add MIME type parameters ("type0", "type1") to the end of the plugin arguments for all attachment hooks 2020-07-10 22:05:58 -07:00
pdontthink
448641fd91
Show better filesize approximations for base64-encoded attachments 2020-05-23 16:44:05 -07:00
pdontthink
fc283980d0
Happy New Year 2020-01-07 00:12:38 -08:00
pdontthink
bfa341262f
Even better HTML email content style containment 2020-01-06 23:16:01 -08:00
pdontthink
04a1ec1912
Better HTML email content style containment 2020-01-06 13:37:05 -08:00
pdontthink
118d6d8fae
Add handling for RCDATA and RAWTEXT elements in HTML sanitizer (CVE-2019-12970) 2019-07-23 18:31:55 -07:00
pdontthink
73fbd94545
PHP7.2 fix (#2848) 2019-06-18 00:22:55 -07:00
pdontthink
2a0669bdde
Disable SVG display be default 2019-02-26 22:15:05 -08:00
pdontthink
1760956c2a
Updated SVG handling, gracefully fix broken base64-encoded messages, also close XSS reported in #2831 and CVE-2018-14950, CVE-2018-14951, CVE-2018-14952, CVE-2018-14953, CVE-2018-14954, CVE-2018-14955 2019-02-23 15:25:23 -08:00
pdontthink
fbcb1ca1f5
Happy New Year 2019-01-07 21:55:08 -08:00
pdontthink
85858f0a3b
Fix broken mailto links created by some (Microsoft?) clients 2018-09-21 11:33:14 -07:00
pdontthink
23cd61b628 Happy New Year 2018-01-16 23:44:07 +00:00
pdontthink
b0cbefcafe Remove outdated headers 2017-08-16 07:59:53 +00:00
pdontthink
6cd24c0552 Happy 2017 2017-01-27 20:34:08 +00:00
pdontthink
2934017d92 Happy New Year 2016-01-01 20:59:53 +00:00
pdontthink
3b465a0d0f Happy 2015 2015-01-03 04:09:49 +00:00
pdontthink
581dc23061 Happy 2014 2014-01-01 20:33:20 +00:00
pdontthink
302724aa45 Add new spacer image and allow its use for unsafe images instead of the sec_remove_* image -- brings HTML emails into the modern age (much more viewable) 2013-10-23 10:09:16 +00:00
Fredrik Jervfors
c076a1f1ae Update copyright 2013-07-26 17:31:02 +00:00
pdontthink
70fcd2f2ea Note a bug 2013-06-19 07:44:53 +00:00
Thijs Kinkhorst
6958cd07e8 Remove use of deprecated /e modifier in preg_replace. 
This modifier starts generating Deprecated notices from PHP 5.5.
 2013-05-16 12:16:58 +00:00
Thijs Kinkhorst
efd75f4867 Replace calls to htmlspecialchars() with sm_encode_html_special_chars(). 
New function sm_encode_html_special_chars() encodes HTML special
characters by calling htmlspecialchars(). It sets the character set
to ISO-8859-1, to fix compatibility with PHP >= 5.4.

Patch by Paul Lesniewski.

See #3491925
 2012-12-09 12:06:30 +00:00
pdontthink
d4e2698415 Account for servers that send extra unsolicited FETCH responses (such as when flags change due to a FETCH request). PLEASE TEST! 2012-07-27 23:03:15 +00:00
pdontthink
b2cc0dac1c Revert changes in revision 14302. Revision 14302 should only have changed functions/imap_general.php 2012-04-01 20:09:11 +00:00
pdontthink
33ebad3f5c Fall back to using LIST if NAMESPACE answer is malformed or otherwise problematic. This still doesn't account for situations where the NAMESPACE or LIST answer can't be parsed correctly. 2012-04-01 19:50:49 +00:00
pdontthink
acc409fb2a Updating copyrights. Happy New Year. 2012-01-02 02:09:17 +00:00
Thijs Kinkhorst
2f36c7bb19 attary may be empty at this point and the sq_fixatts call will generate PHP 
Warnings. Wrap it in a conditional just like the other sq_fixatts call.
 2011-07-13 08:44:04 +00:00
pdontthink
9b7080ad98 Fix XSS problem with unsanitized style tags in messages [CVE-2011-2023] 2011-07-12 04:59:12 +00:00
pdontthink
fc57bf2b59 Happy New Year! 2011-01-06 03:16:21 +00:00
pdontthink
35efbd5e30 Now allow multiple plugins to handle (add links for) a single attachment MIME type 2010-09-12 06:02:18 +00:00
pdontthink
83236fcc19 Encoded From headers now properly quoted (#2830141). A better fix might be to re-write encodeHeader() 2010-01-30 17:10:07 +00:00
pdontthink
7aa0e60863 Update copyrights to 2010 2010-01-25 03:23:30 +00:00
Fredrik Jervfors
134d462c94 The copyright symbol isn't really needed since the word "copyright" is there. Also it doesn't display right in the documentation. 2009-09-29 12:15:33 +00:00
pdontthink
beff3aec0d Fix broken regular expression 2009-08-01 19:17:55 +00:00