Le mercredi 25 novembre 2009 19:56, fakessh a écrit :
On Wed, 25 Nov 2009 11:19:08 -0600, chasd chasd@silveroaks.com wrote:
Research indicates that you referred me over file
[root@r13151 www]# find . -name '*.php' -exec grep -l "header ('Content-Type:" {} ;
The regular expression got broken to an additional line by my MUA. Make sure that regex is all on one line, and then run that command.
It looks like you'll also have to look for files that end in " .inc " as well
find . -name '*.inc' -exec grep -l "header('Content-Type:" {} ; ./program/steps/addressbook/export.inc ./program/steps/mail/attachments.inc ./program/steps/mail/get.inc
exactly how it should change the file returned by the command quoted above
anywhere you see :
header('Content-Type: ***************);
put
header('Accept: text/xml');
on a line beneath it. I'm not sure if the Accept header should also include other mime types. Here is a random Accept: header from our Intranet : Accept:application/xml,application/xhtml+xml,text/html;q=0.9,text/ plain;q=0.8,image/png,*/*;q=0.5
There are tools to see those headers, I used Safari's Web Inspector.
Note the actual mime type sent via the Content-Type: header isn't always the same :
find . -name '*.inc' -exec grep "header('Content-Type:" {} ;
header('Content-Type: text/x-vcard; charset='.RCMAIL_CHARSET); header('Content-Type: ' . $attachment['mimetype']); header('Content-Type: text/html; charset=' . RCMAIL_CHARSET);
find . -name '*.php' -exec grep "header('Content-Type:" {} ;
header('Content-Type: text/plain'); header('Content-Type: text/html; charset=' . $this-
charset);
header('Content-Type: text/plain; charset=' . $this-get_charset());
header('Content-Type: text/plain; charset=UTF-8'); header('Content-Type: text/css');
RoundCube sends that Content-Type: header for every page, but it sends other headers depending on what page or what data is being sent. If you add the Accept: header at each point where the Content- Type: header is sent, that should make mod_security happy.
I failed to operate roundcubemail with the changes indicated in your post when mod_security is active
mod_security with in disabled state, the roundcubemail release 0.3.1 works well under CentOS 5.4 MacOS X 10.4 with Safari or Firefox: any this with a PPC processor
changes indicated by you, are not sufficient or is not correct, at least with mod_security for apache can not access the webmail
I still need your help and your advanced knowledge in the operation of roundcube
thanks for your help
thanks _______________________________________________ List info: http://lists.roundcube.net/dev/
Hi all Hi list Hi charles
here's nobody else who encounters the same problems with the release 0.3.1 and mod_security. here is the problem for tests ordered by Charles, we must stop roundcube and now I have three accounts running on production with roundcube disables mod_security
It bothers me to stop my webmail service for several hours
if anyone has a solution, an official patch
a good suggestion
thanks for all your
thanks _______________________________________________ List info: http://lists.roundcube.net/users/