Ralf Becker
|
592b7fb97d
|
replace LAB.js with native es5 loading
|
2021-06-05 20:39:39 +02:00 |
|
Ralf Becker
|
fed41622c2
|
fixing all sorts of PHP 8 errors and PHPStorm errors
|
2021-03-31 17:50:01 +02:00 |
|
Ralf Becker
|
ab9c089f70
|
fix PHP 8 Fatal error Array and string offset access syntax with curly braces is no longer supported
|
2021-03-21 21:13:07 +01:00 |
|
Hadi Nategh
|
72769e7a43
|
* HTML Editor: fix bug in editing uploaded image
|
2020-10-19 11:14:52 +02:00 |
|
Ralf Becker
|
7428e2d7cd
|
do not add path of url to CSP
|
2020-07-07 13:18:28 +02:00 |
|
Ralf Becker
|
9a548dca68
|
fix csp-*-source hook not run, if Api\Header\ContenSecurity::add() was called
|
2020-04-30 17:31:46 +02:00 |
|
Ralf Becker
|
57ab6f667c
|
adding CSP frame-ancestors 'self' policy to mitigate clickjacking
|
2020-01-28 18:19:40 +01:00 |
|
Ralf Becker
|
2ea9549dcf
|
stricter CSP policy for mail body
|
2020-01-28 17:45:36 +01:00 |
|
Ralf Becker
|
d8289ef29d
|
stricter CSP policy
|
2020-01-28 17:14:51 +01:00 |
|
Ralf Becker
|
056e5c053a
|
use hostname from setup, only if webserver-url starts with a slash, closer to previous behavior
|
2019-11-13 18:28:33 +01:00 |
|
Ralf Becker
|
302800b414
|
new class Api\Header\Http to handle X-Forwarded-Host and -Schema headers
also kope now with multiple comma-separated host-names in X-Forwarded-Host header happening with multiple proxys
|
2019-11-12 20:13:24 +01:00 |
|
Ralf Becker
|
bf844b7598
|
support for new Swoole push server
|
2019-11-04 09:29:49 +01:00 |
|
Ralf Becker
|
6435eb1293
|
* Api: fix error adding/editing catgories or custom fields
|
2019-07-29 11:21:54 +02:00 |
|
Ralf Becker
|
914de29859
|
improve user-agent formatting and use is also for accesslog
|
2019-06-05 18:18:23 +02:00 |
|
Ralf Becker
|
44a0079b9d
|
new user security popup incl. 2FA and token revokation
|
2019-06-05 13:10:25 +02:00 |
|
Hadi Nategh
|
c5c09c4f9f
|
Deprecate CKEDITOR and remove it from source
|
2019-01-25 12:41:13 +01:00 |
|
Ralf Becker
|
77b42dd9a4
|
always send X-Content-Type-Options: nosniff
It does not harm and stops unpredictable results from browsers changing our content-types
(FF 50+ now also supports nosniff)
|
2017-10-25 17:35:30 +02:00 |
|
Hadi Nategh
|
c7089cadd9
|
Revert unintentional changes to mrconfig and ContentSecurityPolicy from commitacdf079fb180490d8659fad0f4c20dd74ea78503
|
2017-01-05 15:04:53 +01:00 |
|
Hadi Nategh
|
acdf079fb1
|
* Etemplate: Fix error "Etemplate\Api\Auth not found" happening while to login
|
2017-01-05 14:59:20 +01:00 |
|
Ralf Becker
|
dc84982a55
|
* CalDAV/CardDAV: send unchange REALM for "bad login or password" to allow storing credentials
|
2017-01-04 10:18:34 +11:00 |
|
Ralf Becker
|
e87cbc4832
|
use static Hooks methods
|
2016-05-11 18:58:10 +00:00 |
|
Ralf Becker
|
4af0e7cb1c
|
WIP EGroupware without phpgwapi&etemplate
|
2016-05-04 19:07:54 +00:00 |
|
Ralf Becker
|
67cb60b972
|
moving egw_digest_auth, vfs_webdav_server and egw_sharing to new api
|
2016-03-20 16:19:53 +00:00 |
|
Ralf Becker
|
0cd226b91d
|
make static functions static as they should be
|
2016-03-19 10:44:00 +00:00 |
|
Hadi Nategh
|
b7a1280c17
|
Fix can not open any attachment caused by wrong path
|
2016-03-15 10:05:34 +00:00 |
|
Ralf Becker
|
99714aa9e9
|
move egw_framework::csp_*_source_attrs($attrs) to Api\Header\ContentSecurityPolicy::add(*-src, $attrs) and egw_ckeditor_config to Api\Html\CkEditorConfig
|
2016-03-13 14:08:31 +00:00 |
|
Ralf Becker
|
85695f0d41
|
split html class to Api\Html, Api\Header\Content, Api\Header\UserAgent and translation
|
2016-03-13 11:22:44 +00:00 |
|