forked from extern/egroupware
* Mail: allow to configure a proxy to display external http images (eg. proxy.egroupware.org)
This commit is contained in:
parent
4fc02fbe20
commit
76c36cfbcd
@ -410,6 +410,26 @@ class mail_ui
|
||||
$stmpl->exec('mail.mail_ui.subscription', $content,$sel_options,$readonlys,$preserv,2);
|
||||
}
|
||||
|
||||
const DEFAULT_IMAGE_PROXY = 'https://';
|
||||
const EGROUPWARE_IMAGE_PROXY = 'https://proxy.egroupware.org/7d510d4f7966f97ab56580425ddb4811e707c018/';
|
||||
const IMAGE_PROXY_CONFIG = 'http_image_proxy';
|
||||
|
||||
/**
|
||||
* Get image proxy / http:// replacement for image urls
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
protected static function image_proxy()
|
||||
{
|
||||
$configs = Api\Config::read('mail');
|
||||
$image_proxy = $configs[self::IMAGE_PROXY_CONFIG] ?: self::DEFAULT_IMAGE_PROXY;
|
||||
if (strpos(self::EGROUPWARE_IMAGE_PROXY, parse_url($image_proxy, PHP_URL_HOST)))
|
||||
{
|
||||
$image_proxy = self::EGROUPWARE_IMAGE_PROXY;
|
||||
}
|
||||
return $image_proxy;
|
||||
}
|
||||
|
||||
/**
|
||||
* Main mail page
|
||||
*
|
||||
@ -590,6 +610,9 @@ class mail_ui
|
||||
default:
|
||||
$etpl->setElementAttribute('mailSplitter', 'orientation', 'v');
|
||||
}
|
||||
// send configured image proxy to client-side
|
||||
$content['image_proxy'] = self::image_proxy();
|
||||
|
||||
return $etpl->exec('mail.mail_ui.index',$content,$sel_options,$readonlys,$preserv);
|
||||
}
|
||||
|
||||
@ -2260,6 +2283,8 @@ $filter['before']= date("d-M-Y", $cutoffdate2);
|
||||
//error_log(__METHOD__.__LINE__.' change Profile back to where we came from->'.$rememberServerID);
|
||||
$this->changeProfile($rememberServerID);
|
||||
}
|
||||
// send configured image proxy to client-side
|
||||
$content['image_proxy'] = self::image_proxy();
|
||||
|
||||
$etpl->exec('mail.mail_ui.displayMessage',$content,$sel_options,$readonlys,$preserv,2);
|
||||
}
|
||||
|
@ -76,6 +76,11 @@ app.classes.mail = AppJS.extend(
|
||||
*/
|
||||
W_TIMEOUTS: [],
|
||||
|
||||
/**
|
||||
* Replace http:// in external image urls with
|
||||
*/
|
||||
image_proxy: 'https://',
|
||||
|
||||
/**
|
||||
* Initialize javascript for this application
|
||||
*
|
||||
@ -356,6 +361,9 @@ app.classes.mail = AppJS.extend(
|
||||
this.mail_currentlyFocussed = this.et2.mail_currentlyFocussed;
|
||||
|
||||
}
|
||||
// set image_proxy for resolveExternalImages
|
||||
this.image_proxy = this.et2.getArrayMgr('content').getEntry('image_proxy') || 'https://';
|
||||
|
||||
this.preSetToggledOnActions ();
|
||||
},
|
||||
|
||||
@ -1142,6 +1150,7 @@ app.classes.mail = AppJS.extend(
|
||||
|
||||
resolveExternalImages: function (_node)
|
||||
{
|
||||
let image_proxy = this.image_proxy;
|
||||
//Do not run resolve images if it's forced already to show them all
|
||||
// or forced to not show them all.
|
||||
var pref_img = egw.preference('allowExternalIMGs', 'mail');
|
||||
@ -1161,7 +1170,7 @@ app.classes.mail = AppJS.extend(
|
||||
if (u.substr(0,7) == 'http://')
|
||||
{
|
||||
u = u.replace ('http://','');
|
||||
url = url.replace('http://', 'https://proxy.egroupware.org/7d510d4f7966f97ab56580425ddb4811e707c018/');
|
||||
url = url.replace('http://', image_proxy);
|
||||
protocol = 'http';
|
||||
}
|
||||
else if (u.substr(0,8) == 'https://')
|
||||
@ -1209,20 +1218,20 @@ app.classes.mail = AppJS.extend(
|
||||
showImages (external_images);
|
||||
return;
|
||||
}
|
||||
let message = 'In order to protect your privacy all external sources within this email are blocked.';
|
||||
let message = this.egw.lang('In order to protect your privacy all external sources within this email are blocked.');
|
||||
for(let i in external_images)
|
||||
{
|
||||
if (!external_images[i].alt) continue;
|
||||
let r = getUrlParts(external_images[i].alt);
|
||||
if (r && r.protocol == 'http')
|
||||
{
|
||||
message = 'There are Mixed Content within this message which are served under HTTP insecure protocol. Be aware Showing / Allowing them would compromise your security!!!';
|
||||
message = this.egw.lang('This mail contains external images served via insecure HTTP protocol. Be aware showing or allowing them can compromise your security!');
|
||||
container.addClass('red');
|
||||
break;
|
||||
}
|
||||
}
|
||||
jQuery(document.createElement('p'))
|
||||
.text(this.egw.lang(message))
|
||||
.text(message)
|
||||
.appendTo(container);
|
||||
jQuery(document.createElement('button'))
|
||||
.addClass ('closeBtn')
|
||||
|
@ -77,6 +77,7 @@ before reply, visible during compose mail de Vor dem zitierten Text, sichtbar w
|
||||
blacklisted mails are marked as spam mail de E-Mail-Adressen, die in die Blacklist eingetragen werden, werden als Spam markiert
|
||||
but check shared folders mail de aber explizite Überprüfung der Ordner unterhalb der (Benutzer-)Freigaben
|
||||
by date mail de nach Datum
|
||||
by default 'http://' is just replaced with 'https://'. feel free to configure 'https://proxy.egroupware.org/' to also load images only available via http. mail de Als Vorgabe wird 'http://' nur durch 'https://' ersetzt. Sie können gerne 'https://proxy.egroupware.org/' eintragen, um Bilder anzuzeigen die ausschließlich per http geladen werden können.
|
||||
can not open imap connection mail de Keine Verbindung zum Mailserver möglich
|
||||
can not resolve the winmail.dat attachment! mail de Der winmail.dat Anhang kann nicht geöffnet weden!
|
||||
canceled deletion due to user interaction mail de Löschen durch Benutzer abgebrochen
|
||||
@ -96,8 +97,8 @@ compose mail de verfassen
|
||||
compose as new mail de Als neu bearbeiten
|
||||
compress folder mail de Ordner komprimieren
|
||||
condition mail de Bedingung
|
||||
configured values will be set automatically on compose dialog for respected field when composing a new email. mail de Die festgelegten Werte werden beim Verfassen einer neuen E-Mail für die entsprechenden Felder automatisch eingestellt.
|
||||
configuration settings mail de Einstellungen der Konfiguration
|
||||
configured values will be set automatically on compose dialog for respected field when composing a new email. mail de Die festgelegten Werte werden beim Verfassen einer neuen E-Mail für die entsprechenden Felder automatisch eingestellt.
|
||||
confirm mail de Bestätigen
|
||||
confirm attach message mail de Bestätigung beim Anhängen von E-Mails
|
||||
confirm move to folder mail de Bestätigung vor dem Verschieben
|
||||
@ -259,6 +260,7 @@ general settings mail de Allgemeine Einstellungen
|
||||
get acl rights failed from imap server! mail de Die Zugriffskontrollrechte konnten auf dem IMAP Server nicht gelesen werden!
|
||||
greater than mail de größer als
|
||||
ham folder mail de Ordner für nicht Spam-Nachrichten
|
||||
handling of external http images / mixed content in mails mail de Behandlung von externen Bilder per http / gemischter Inhalt in Mails
|
||||
header mail de Kopfzeilen
|
||||
header lines mail de Kopfzeilen anzeigen
|
||||
high mail de hoch
|
||||
@ -343,8 +345,8 @@ message preview area mail de Vorschaubereich
|
||||
message saved successfully. mail de Nachricht wurde erfolgreich gespeichert.
|
||||
message send failed: %1 mail de Nachricht konnte nicht versendet werden: %1
|
||||
message send successfully. mail de Nachricht wurde erfolgreich versendet.
|
||||
message verified successfully. mail de Nachricht erfolgreich verifiziert.
|
||||
message verified successfully but the signer’s certificate could not be verified. mail de Nachricht erfolgreich verifiziert, aber das Zertifikat des Unterzeichners konnte nicht verifiziert werden.
|
||||
message verified successfully. mail de Nachricht erfolgreich verifiziert.
|
||||
miscellaneous mail de Verschiedenes
|
||||
modify subject mail de Betreff ändern
|
||||
modify subject of this message mail de Betreff dieser Nachricht ändern
|
||||
@ -456,6 +458,7 @@ rename folder mail de Umbenennen
|
||||
rename folder %1 ? mail de Ordner %1 umbenennen?
|
||||
rename folder %1 to: mail de Ordner %1 umbenennen in:
|
||||
renamed folder %1 to %2 mail de Ordner %1 umbenannt in %2
|
||||
replace 'http://' in image urls with (trailing / required!) mail de Ersetze 'http://' in Bild Adressen (URLs) mit (muss in einem / enden!)
|
||||
replied mail de beantwortet
|
||||
reply mail de antworten
|
||||
reply all mail de Allen Antworten
|
||||
@ -598,6 +601,7 @@ the message sender has requested a response to indicate that you have read this
|
||||
the mimeparser can not parse this message. mail de Der MIME Parser versteht diese Nachricht nicht.
|
||||
the rule with priority %1 successfully saved! mail de Die Regel mit Priorität %1 wurde erfolgreich gespeichert!
|
||||
then mail de dann
|
||||
this mail contains external images served via insecure http protocol. be aware showing or allowing them can compromise your security! mail de Diese Mail enthält externe Bilder die über das unsichere HTTP protocol ausgeliefert werden. Bitte seinen Sie sich bewußt, dass Anzeigen oder Erlauben Ihre Sicherheit beeinträchtigen kann!
|
||||
there is no imap server configured. mail de Es ist kein IMAP-Server Konfiguriert
|
||||
there is no space left to store sieve script, please check sieve_maxscriptsize option on your mailserver's config. mail de Es ist kein Platz mehr vorhanden, um das Sieve Skript zu speichern, bitte Sie Ihren Administrator die Option sieve_maxscriptsize in der Konfiguration Ihres Mailservers zu prüfen.
|
||||
this message is smime encrypted and password protected. mail de Diese Nachricht ist S/MIME-Verschlüsselt und mit Passwort geschützt.
|
||||
|
@ -6,7 +6,6 @@
|
||||
%1 is not writable by you! mail en %1 is NOT writable by you!
|
||||
%1 mails selected mail en %1 Mails selected
|
||||
(*) please consider, forward to multiple addresses will not work if number of addresses exceeds the limit. for most mail servers the limit is 4 by default, please contact your mail server administrator for further info. mail en (*) Please consider, forward to multiple addresses will not work if number of addresses exceeds the Limit. For most mail Servers the limit is 4 by default, please contact your mail server administrator for further info.
|
||||
sieve_edit_instructions mail en (*) wildcards (*,?) may be used. If you are trying to match * or ? itself, you must escape them with a backslash (\). If you check "Use regular expressions" you must use valid regular expressions. In order to escape of exclamation mark (!) at the begining not being used as "NOT", use regex and backslash (\) (e.g. \!)
|
||||
(leave empty for no quota) mail en (Leave empty for no quota)
|
||||
(no subject) mail en (no subject)
|
||||
(not connected) mail en (not connected)
|
||||
@ -78,6 +77,7 @@ before reply, visible during compose mail en Before reply, visible during compos
|
||||
blacklisted mails are marked as spam mail en Blacklisted mails are marked as spam
|
||||
but check shared folders mail en but check shared folders
|
||||
by date mail en By date
|
||||
by default 'http://' is just replaced with 'https://'. feel free to configure 'https://proxy.egroupware.org/' to also load images only available via http. mail en By default 'http://' is just replaced with 'https://'. Feel free to configure 'https://proxy.egroupware.org/' to also load images only available via http.
|
||||
can not open imap connection mail en Can not open IMAP connection
|
||||
can not resolve the winmail.dat attachment! mail en Can not resolve the winmail.dat attachment!
|
||||
canceled deletion due to user interaction mail en canceled deletion due to user interaction
|
||||
@ -260,6 +260,7 @@ general settings mail en General settings
|
||||
get acl rights failed from imap server! mail en Get ACL rights failed from IMAP server!
|
||||
greater than mail en greater than
|
||||
ham folder mail en Ham folder
|
||||
handling of external http images / mixed content in mails mail en Handling of external http images / mixed content in mails
|
||||
header mail en Header
|
||||
header lines mail en Header lines
|
||||
high mail en high
|
||||
@ -344,8 +345,8 @@ message preview area mail en Message preview area
|
||||
message saved successfully. mail en Message saved successfully.
|
||||
message send failed: %1 mail en Message send failed: %1
|
||||
message send successfully. mail en Message send successfully.
|
||||
message verified successfully. mail en Message verified successfully.
|
||||
message verified successfully but the signer’s certificate could not be verified. mail en Message verified successfully but the signer’s certificate could not be verified.
|
||||
message verified successfully. mail en Message verified successfully.
|
||||
miscellaneous mail en Miscellaneous
|
||||
modify subject mail en Modify subject
|
||||
modify subject of this message mail en Modify subject of this message
|
||||
@ -457,6 +458,7 @@ rename folder mail en Rename Folder
|
||||
rename folder %1 ? mail en Rename Folder %1 ?
|
||||
rename folder %1 to: mail en Rename Folder %1 to:
|
||||
renamed folder %1 to %2 mail en Renamed Folder %1 to %2
|
||||
replace 'http://' in image urls with (trailing / required!) mail en Replace 'http://' in image urls with (trailing / required!)
|
||||
replied mail en replied
|
||||
reply mail en Reply
|
||||
reply all mail en Reply All
|
||||
@ -550,6 +552,7 @@ sieve connection status mail en Sieve Connection Status
|
||||
sieve not activated mail en Sieve not activated
|
||||
sieve script name mail en sieve script name
|
||||
sieve server mail en Sieve server
|
||||
sieve_edit_instructions mail en (*) wildcards (*,?) may be used. If you are trying to match * or ? itself, you must escape them with a backslash (\). If you check "Use regular expressions" you must use valid regular expressions. In order to escape of exclamation mark (!) at the begining not being used as "NOT", use regex and backslash (\) (e.g. \!)
|
||||
sign your message with smime certificate mail en Sign your message with S/MIME certificate
|
||||
signature mail en Signature
|
||||
signature at top mail en signature at top
|
||||
@ -598,6 +601,7 @@ the message sender has requested a response to indicate that you have read this
|
||||
the mimeparser can not parse this message. mail en The mimeparser can not parse this message.
|
||||
the rule with priority %1 successfully saved! mail en The rule with priority %1 successfully saved!
|
||||
then mail en THEN
|
||||
this mail contains external images served via insecure http protocol. be aware showing or allowing them can compromise your security! mail en This mail contains external images served via insecure HTTP protocol. Be aware showing or allowing them can compromise your security!
|
||||
there is no imap server configured. mail en There is no IMAP Server configured.
|
||||
there is no space left to store sieve script, please check sieve_maxscriptsize option on your mailserver's config. mail en There is no space left to store sieve script, please check sieve_maxscriptsize option on your mailserver's config.
|
||||
this message is smime encrypted and password protected. mail en This message is S/MIME encrypted and password protected.
|
||||
|
@ -58,6 +58,16 @@
|
||||
<description value="provide a default vacation text, (used on new vacation messages when there was no message set up previously)"/>
|
||||
<textbox id="newsettings[default_vacation_text]" cols="50" rows="8"/>
|
||||
</row>
|
||||
<row>
|
||||
<description value="Handling of external http images / mixed content in mails" span="all" class="subHeader"/>
|
||||
</row>
|
||||
<row>
|
||||
<description value="By default 'http://' is just replaced with 'https://'. Feel free to configure 'https://proxy.egroupware.org/' to also load images only available via http." span="all"/>
|
||||
</row>
|
||||
<row>
|
||||
<description value="Replace 'http://' in image urls with (trailing / required!)"/>
|
||||
<textbox id="newsettings[http_image_proxy]" blur="https://" class="et2_fullWidth" validator="/^(https:[\/]{2}(.+\/)?)?$/"/>
|
||||
</row>
|
||||
<row>
|
||||
<description value="Miscellaneous" span="all" class="subHeader"/>
|
||||
</row>
|
||||
|
Loading…
Reference in New Issue
Block a user