Projects
Kolab:3.4
roundcubemail
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 62
View file
roundcubemail-1.1-collated.patch
Changed
@@ -1110,250 +1110,3 @@ } // failed request (wrong step in URL) -diff -ur roundcubemail-1.1.orig/public_html/.htaccess roundcubemail-1.1/public_html/.htaccess ---- roundcubemail-1.1.orig/public_html/.htaccess 2014-11-10 17:12:45.000000000 +0100 -+++ roundcubemail-1.1/public_html/.htaccess 2014-11-14 14:07:29.183969452 +0100 -@@ -30,7 +30,7 @@ - # security rules: - # - deny access to files not containing a dot or starting with a dot - # in all locations except installer directory --RewriteRule ^(?!installer)(\.?[^\.]+)$ - [F] -+RewriteRule ^(?!installer|[a-f0-9]{16})(\.?[^\.]+)$ - [F] - # - deny access to some locations - RewriteRule ^/?(\.git|\.tx|SQL|bin|config|logs|temp|tests|program\/(include|lib|localization|steps)) - [F] - # - deny access to some documentation files -diff -ur roundcubemail-1.1.orig/public_html/plugins/acl/acl.js roundcubemail-1.1/public_html/plugins/acl/acl.js ---- roundcubemail-1.1.orig/public_html/plugins/acl/acl.js 2014-11-10 17:12:45.000000000 +0100 -+++ roundcubemail-1.1/public_html/plugins/acl/acl.js 2014-11-14 14:07:29.185969454 +0100 -@@ -58,8 +58,11 @@ - var users = this.acl_get_usernames(); - - if (users && users.length && confirm(this.get_label('acl.deleteconfirm'))) { -- this.http_request('settings/plugin.acl', '_act=delete&_user='+urlencode(users.join(',')) -- + '&_mbox='+urlencode(this.env.mailbox), -+ this.http_post('settings/plugin.acl', { -+ _act: 'delete', -+ _user: users.join(','), -+ _mbox: this.env.mailbox -+ }, - this.set_busy(true, 'acl.deleting')); - } - } -@@ -67,7 +70,7 @@ - // Save ACL data - rcube_webmail.prototype.acl_save = function() - { -- var user = $('#acluser', this.acl_form).val(), rights = '', type; -+ var data, type, rights = '', user = $('#acluser', this.acl_form).val(); - - $((this.env.acl_advanced ? '#advancedrights :checkbox' : '#simplerights :checkbox'), this.acl_form).map(function() { - if (this.checked) -@@ -88,12 +91,18 @@ - return; - } - -- this.http_request('settings/plugin.acl', '_act=save' -- + '&_user='+urlencode(user) -- + '&_acl=' +rights -- + '&_mbox='+urlencode(this.env.mailbox) -- + (this.acl_id ? '&_old='+this.acl_id : ''), -- this.set_busy(true, 'acl.saving')); -+ data = { -+ _act: 'save', -+ _user: user, -+ _acl: rights, -+ _mbox: this.env.mailbox -+ } -+ -+ if (this.acl_id) { -+ data._old = this.acl_id; -+ } -+ -+ this.http_post('settings/plugin.acl', data, this.set_busy(true, 'acl.saving')); - } - - // Cancel/Hide form -diff -ur roundcubemail-1.1.orig/public_html/plugins/acl/acl.php roundcubemail-1.1/public_html/plugins/acl/acl.php ---- roundcubemail-1.1.orig/public_html/plugins/acl/acl.php 2014-11-10 17:12:45.000000000 +0100 -+++ roundcubemail-1.1/public_html/plugins/acl/acl.php 2014-11-14 14:07:29.185969454 +0100 -@@ -454,10 +454,10 @@ - */ - private function action_save() - { -- $mbox = trim(rcube_utils::get_input_value('_mbox', rcube_utils::INPUT_GPC, true)); // UTF7-IMAP -- $user = trim(rcube_utils::get_input_value('_user', rcube_utils::INPUT_GPC)); -- $acl = trim(rcube_utils::get_input_value('_acl', rcube_utils::INPUT_GPC)); -- $oldid = trim(rcube_utils::get_input_value('_old', rcube_utils::INPUT_GPC)); -+ $mbox = trim(rcube_utils::get_input_value('_mbox', rcube_utils::INPUT_POST, true)); // UTF7-IMAP -+ $user = trim(rcube_utils::get_input_value('_user', rcube_utils::INPUT_POST)); -+ $acl = trim(rcube_utils::get_input_value('_acl', rcube_utils::INPUT_POST)); -+ $oldid = trim(rcube_utils::get_input_value('_old', rcube_utils::INPUT_POST)); - - $acl = array_intersect(str_split($acl), $this->rights_supported()); - $users = $oldid ? array($user) : explode(',', $user); -@@ -510,8 +510,8 @@ - */ - private function action_delete() - { -- $mbox = trim(rcube_utils::get_input_value('_mbox', rcube_utils::INPUT_GPC, true)); //UTF7-IMAP -- $user = trim(rcube_utils::get_input_value('_user', rcube_utils::INPUT_GPC)); -+ $mbox = trim(rcube_utils::get_input_value('_mbox', rcube_utils::INPUT_POST, true)); //UTF7-IMAP -+ $user = trim(rcube_utils::get_input_value('_user', rcube_utils::INPUT_POST)); - - $user = explode(',', $user); - -diff -ur roundcubemail-1.1.orig/public_html/plugins/legacy_browser/js/iehacks.js roundcubemail-1.1/public_html/plugins/legacy_browser/js/iehacks.js ---- roundcubemail-1.1.orig/public_html/plugins/legacy_browser/js/iehacks.js 2014-11-10 17:12:45.000000000 +0100 -+++ roundcubemail-1.1/public_html/plugins/legacy_browser/js/iehacks.js 2014-11-14 14:07:29.185969454 +0100 -@@ -102,7 +102,7 @@ - rcube_webmail.prototype.async_upload_form_frame = function(name) - { - document.body.insertAdjacentHTML('BeforeEnd', '<iframe name="' + name + '"' -- + ' src="program/resources/blank.gif" style="width:0; height:0; visibility:hidden"></iframe>'); -+ + ' src="' + rcmail.assets_path('program/resources/blank.gif') + '" style="width:0; height:0; visibility:hidden"></iframe>'); - - return $('iframe[name="' + name + '"]'); - }; -diff -ur roundcubemail-1.1.orig/public_html/plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php roundcubemail-1.1/public_html/plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php ---- roundcubemail-1.1.orig/public_html/plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php 2014-11-10 17:12:45.000000000 +0100 -+++ roundcubemail-1.1/public_html/plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php 2014-11-14 14:07:29.186969456 +0100 -@@ -349,7 +349,7 @@ - } - } - else if ($action == 'setact' && !$error) { -- $script_name = rcube_utils::get_input_value('_set', rcube_utils::INPUT_GPC, true); -+ $script_name = rcube_utils::get_input_value('_set', rcube_utils::INPUT_POST, true); - $result = $this->activate_script($script_name); - $kep14 = $this->rc->config->get('managesieve_kolab_master'); - -@@ -363,7 +363,7 @@ - } - } - else if ($action == 'deact' && !$error) { -- $script_name = rcube_utils::get_input_value('_set', rcube_utils::INPUT_GPC, true); -+ $script_name = rcube_utils::get_input_value('_set', rcube_utils::INPUT_POST, true); - $result = $this->deactivate_script($script_name); - - if ($result === true) { -@@ -376,7 +376,7 @@ - } - } - else if ($action == 'setdel' && !$error) { -- $script_name = rcube_utils::get_input_value('_set', rcube_utils::INPUT_GPC, true); -+ $script_name = rcube_utils::get_input_value('_set', rcube_utils::INPUT_POST, true); - $result = $this->remove_script($script_name); - - if ($result === true) { -@@ -419,14 +419,14 @@ - $this->rc->output->command('managesieve_updatelist', 'list', array('list' => $result)); - } - else if ($action == 'ruleadd') { -- $rid = rcube_utils::get_input_value('_rid', rcube_utils::INPUT_GPC); -+ $rid = rcube_utils::get_input_value('_rid', rcube_utils::INPUT_POST); - $id = $this->genid(); - $content = $this->rule_div($fid, $id, false); - - $this->rc->output->command('managesieve_rulefill', $content, $id, $rid); - } - else if ($action == 'actionadd') { -- $aid = rcube_utils::get_input_value('_aid', rcube_utils::INPUT_GPC); -+ $aid = rcube_utils::get_input_value('_aid', rcube_utils::INPUT_POST); - $id = $this->genid(); - $content = $this->action_div($fid, $id, false); - -diff -ur roundcubemail-1.1.orig/public_html/program/js/app.js roundcubemail-1.1/public_html/program/js/app.js ---- roundcubemail-1.1.orig/public_html/program/js/app.js 2014-11-10 17:12:45.000000000 +0100 -+++ roundcubemail-1.1/public_html/program/js/app.js 2014-11-14 14:07:29.191969462 +0100 -@@ -58,7 +58,6 @@ - request_timeout: 180, // seconds - draft_autosave: 0, // seconds - comm_path: './', -- blankpage: 'program/resources/blank.gif', - recipients_separator: ',', - recipients_delimiter: ', ', - popup_width: 1150, -@@ -163,6 +162,9 @@ - return; - } - -+ if (!this.env.blankpage) -+ this.env.blankpage = this.assets_path('program/resources/blank.gif'); -+ - // find all registered gui containers - for (n in this.gui_containers) - this.gui_containers[n] = $('#'+this.gui_containers[n]); -@@ -1405,8 +1407,10 @@ - - if (task == 'mail') - url += '&_mbox=INBOX'; -- else if (task == 'logout' && !this.env.server_error) -+ else if (task == 'logout' && !this.env.server_error) { -+ url += '&_token=' + this.env.request_token; - this.clear_compose_data(); -+ } - - this.redirect(url); - }; -@@ -1416,7 +1420,10 @@ - if (!url) - url = this.env.comm_path; - -- return url.replace(/_task=[a-z0-9_-]+/i, '_task='+task); -+ if (url.match(/[?&]_task=[a-zA-Z0-9_-]+/)) -+ return url.replace(/_task=[a-zA-Z0-9_-]+/, '_task=' + task); -+ else -+ return url.replace(/\?.*$/, '') + '?_task=' + task; - }; - - this.reload = function(delay) -@@ -7982,7 +7989,7 @@ - - img.onload = function() { ref.env.browser_capabilities.tif = 1; }; - img.onerror = function() { ref.env.browser_capabilities.tif = 0; }; -- img.src = 'program/resources/blank.tif'; -+ img.src = this.assets_path('program/resources/blank.tif'); - }; - - this.pdf_support_check = function() -@@ -8039,6 +8046,15 @@ - return 0; - }; - -+ this.assets_path = function(path) -+ { -+ if (this.env.assets_path && !path.startsWith(this.env.assets_path)) { -+ path = this.env.assets_path + path; -+ } -+ -+ return path; -+ }; -+ - // Cookie setter - this.set_cookie = function(name, value, expires) - { -diff -ur roundcubemail-1.1.orig/public_html/program/js/editor.js roundcubemail-1.1/public_html/program/js/editor.js ---- roundcubemail-1.1.orig/public_html/program/js/editor.js 2014-11-10 17:12:45.000000000 +0100 -+++ roundcubemail-1.1/public_html/program/js/editor.js 2014-11-14 14:07:29.192969463 +0100 -@@ -36,11 +36,12 @@ - function rcube_text_editor(config, id) - { - var ref = this, -+ abs_url = location.href.replace(/[?#].*$/, '').replace(/\/$/, ''), - conf = { - selector: '#' + ($('#' + id).is('.mce_editor') ? id : 'fake-editor-id'), - theme: 'modern', - language: config.lang, -- content_css: 'program/js/tinymce/roundcube/content.css?v2', -+ content_css: rcmail.assets_path('program/js/tinymce/roundcube/content.css?v2'), - menubar: false, - statusbar: false, - toolbar_items_size: 'small', -@@ -82,7 +83,7 @@ - toolbar: 'bold italic underline | alignleft aligncenter alignright alignjustify' - + ' | bullist numlist outdent indent ltr rtl blockquote | forecolor backcolor | fontselect fontsizeselect' - + ' | link unlink table | emoticons charmap image media | code searchreplace undo redo', -- spellchecker_rpc_url: '../../../../../?_task=utils&_action=spell_html&_remote=1', -+ spellchecker_rpc_url: abs_url + '/?_task=utils&_action=spell_html&_remote=1', - spellchecker_language: rcmail.env.spell_lang, - accessibility_focus: false, - file_browser_callback: function(name, url, type, win) { ref.file_browser_callback(name, url, type); },
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.