[Svn] [roundcube/roundcubemail] 681ba6: Improve system security by using optional special ...

GitHub noreply at github.com
Tue Dec 16 13:40:26 CET 2014


  Branch: refs/heads/master
  Home:   https://github.com/roundcube/roundcubemail
  Commit: 681ba6fc3c296cd6cd11050531b8f4e785141786
      https://github.com/roundcube/roundcubemail/commit/681ba6fc3c296cd6cd11050531b8f4e785141786
  Author: Aleksander Machniak <alec at alec.pl>
  Date:   2014-12-16 (Tue, 16 Dec 2014)

  Changed paths:
    M .htaccess
    M CHANGELOG
    M config/defaults.inc.php
    M index.php
    M plugins/acl/acl.js
    M plugins/acl/acl.php
    M plugins/legacy_browser/js/iehacks.js
    M plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php
    M program/include/rcmail.php
    M program/include/rcmail_output.php
    M program/include/rcmail_output_html.php
    M program/include/rcmail_output_json.php
    M program/js/app.js
    M program/js/editor.js
    M program/lib/Roundcube/rcube.php
    M program/steps/addressbook/delete.inc
    M program/steps/addressbook/func.inc
    M program/steps/addressbook/photo.inc
    M program/steps/mail/compose.inc
    M program/steps/mail/show.inc
    M program/steps/settings/func.inc
    M program/steps/utils/error.inc

  Log Message:
  -----------
  Improve system security by using optional special URL with security token
Allows to define separate server/path for image/js/css files
Fix bugs where CSRF attacks were still possible on some requests


  Commit: 7259529fad909c51bd412135827af08155f72e19
      https://github.com/roundcube/roundcubemail/commit/7259529fad909c51bd412135827af08155f72e19
  Author: Aleksander Machniak <alec at alec.pl>
  Date:   2014-12-16 (Tue, 16 Dec 2014)

  Changed paths:
    M program/include/rcmail.php

  Log Message:
  -----------
  Get rid of requests whitelist for security check bypass


Compare: https://github.com/roundcube/roundcubemail/compare/53b7421d4419...7259529fad90


More information about the svn mailing list