33 Commits

Author	SHA1	Message	Date
ralf	55054024b6	fix PHP Deprecated errors visible in egroupware-docker-install.log	2023-01-26 10:42:33 +01:00
ralf	a80d810926	fix broken setting of CSP via hook since commit a304f34e6b ... (fix PHP Error: [] operator not supported for strings)	2022-07-08 14:15:30 +02:00
ralf	a304f34e6b	fix PHP Error: [] operator not supported for strings	2022-06-29 08:59:59 +02:00
ralf	669f679fbc	change our CSP to allow data: for connect-src, which is used by Shoelace to "load" icons	2022-06-13 13:19:54 +02:00
ralf	ef7c175814	remove jQueryUI DateTime picker and splitter and use them also for eTemplates marked as legacy	2022-04-29 17:05:43 +02:00
Hadi Nategh	8175a592d5	Fix some mail actions e.g. "view as source" or "Html" no longer working	2022-04-11 12:43:18 +02:00
Ralf Becker	592b7fb97d	replace LAB.js with native es5 loading	2021-06-05 20:39:39 +02:00
Ralf Becker	fed41622c2	fixing all sorts of PHP 8 errors and PHPStorm errors	2021-03-31 17:50:01 +02:00
Ralf Becker	ab9c089f70	fix PHP 8 Fatal error Array and string offset access syntax with curly braces is no longer supported	2021-03-21 21:13:07 +01:00
Hadi Nategh	72769e7a43	* HTML Editor: fix bug in editing uploaded image	2020-10-19 11:14:52 +02:00
Ralf Becker	7428e2d7cd	do not add path of url to CSP	2020-07-07 13:18:28 +02:00
Ralf Becker	9a548dca68	fix csp-*-source hook not run, if Api\Header\ContenSecurity::add() was called	2020-04-30 17:31:46 +02:00
Ralf Becker	57ab6f667c	adding CSP frame-ancestors 'self' policy to mitigate clickjacking	2020-01-28 18:19:40 +01:00
Ralf Becker	2ea9549dcf	stricter CSP policy for mail body	2020-01-28 17:45:36 +01:00
Ralf Becker	d8289ef29d	stricter CSP policy	2020-01-28 17:14:51 +01:00
Ralf Becker	056e5c053a	use hostname from setup, only if webserver-url starts with a slash, closer to previous behavior	2019-11-13 18:28:33 +01:00
Ralf Becker	302800b414	new class Api\Header\Http to handle X-Forwarded-Host and -Schema headers ... also kope now with multiple comma-separated host-names in X-Forwarded-Host header happening with multiple proxys	2019-11-12 20:13:24 +01:00
Ralf Becker	bf844b7598	support for new Swoole push server	2019-11-04 09:29:49 +01:00
Ralf Becker	6435eb1293	* Api: fix error adding/editing catgories or custom fields	2019-07-29 11:21:54 +02:00
Ralf Becker	914de29859	improve user-agent formatting and use is also for accesslog	2019-06-05 18:18:23 +02:00
Ralf Becker	44a0079b9d	new user security popup incl. 2FA and token revokation	2019-06-05 13:10:25 +02:00
Hadi Nategh	c5c09c4f9f	Deprecate CKEDITOR and remove it from source	2019-01-25 12:41:13 +01:00
Ralf Becker	77b42dd9a4	always send X-Content-Type-Options: nosniff ... It does not harm and stops unpredictable results from browsers changing our content-types (FF 50+ now also supports nosniff)	2017-10-25 17:35:30 +02:00
Hadi Nategh	c7089cadd9	Revert unintentional changes to mrconfig and ContentSecurityPolicy from commitacdf079fb180490d8659fad0f4c20dd74ea78503	2017-01-05 15:04:53 +01:00
Hadi Nategh	acdf079fb1	* Etemplate: Fix error "Etemplate\Api\Auth not found" happening while to login	2017-01-05 14:59:20 +01:00
Ralf Becker	dc84982a55	* CalDAV/CardDAV: send unchange REALM for "bad login or password" to allow storing credentials	2017-01-04 10:18:34 +11:00
Ralf Becker	e87cbc4832	use static Hooks methods	2016-05-11 18:58:10 +00:00
Ralf Becker	4af0e7cb1c	WIP EGroupware without phpgwapi&etemplate	2016-05-04 19:07:54 +00:00
Ralf Becker	67cb60b972	moving egw_digest_auth, vfs_webdav_server and egw_sharing to new api	2016-03-20 16:19:53 +00:00
Ralf Becker	0cd226b91d	make static functions static as they should be	2016-03-19 10:44:00 +00:00
Hadi Nategh	b7a1280c17	Fix can not open any attachment caused by wrong path	2016-03-15 10:05:34 +00:00
Ralf Becker	99714aa9e9	move egw_framework::csp_*_source_attrs($attrs) to Api\Header\ContentSecurityPolicy::add(*-src, $attrs) and egw_ckeditor_config to Api\Html\CkEditorConfig	2016-03-13 14:08:31 +00:00
Ralf Becker	85695f0d41	split html class to Api\Html, Api\Header\Content, Api\Header\UserAgent and translation	2016-03-13 11:22:44 +00:00