Commit Graph

1048 Commits

Author SHA1 Message Date
andryyy
c69c2d9c13 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2019-08-16 22:18:55 +02:00
andryyy
692614f79e
[Web] Fix loop in SPF lookup 2019-08-16 18:20:58 +02:00
andryyy
6e41fa9fc1
[Web] Update JQuery, todo: dont use migrate 2019-08-16 18:20:24 +02:00
Patrik Kernstock
409ecf7fd5
[Web] Fixed one more possible XSS
XSS might be possible when using a specific-crafted request (harder than previous ones). Might also easily cause JS errors and making the "mailcow UI"-logs not accessible anymore
2019-08-14 22:19:50 +02:00
Patrik Kernstock
4f25a3646e Fixed several other XSS's 2019-08-14 00:22:40 +02:00
andryyy
5fd00abf91 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2019-08-13 21:12:30 +02:00
andryyy
fab23cec2b
[Web] Fix XSS in call field 2019-08-13 21:12:24 +02:00
André Peters
a41825dede
Merge pull request #2857 from mailcow/update-msg-removehash
Small info regarding hash deletion, fixes #2775
2019-08-13 21:07:35 +02:00
André Peters
32f293e55f
Update lang.en.php 2019-08-13 21:07:25 +02:00
Geitenijs
badd6b5e7f Update lang.nl.php (#2850) 2019-08-13 20:11:24 +02:00
Patrik Kernstock
a3315d9187 Rephrase EN 2019-08-13 19:53:26 +02:00
Patrik Kernstock
2b0795cc71 Small info regarding hash deletion, fixes #2775 2019-08-12 19:30:31 +02:00
andryyy
294e0bc07f
[Web] Cache validation result in Redis 2019-08-11 22:19:26 +02:00
heavygale
2d74d81cb1 htmlspecialchars for value attributes
Escaping htmlspecialchars in value attributes.
2019-08-10 19:36:03 +02:00
andryyy
03259d66bb
[Web] Minor fixes 2019-08-10 16:12:06 +02:00
andryyy
d8dfd5061b
[Web] Minor fixes and changes 2019-08-10 15:57:07 +02:00
andryyy
9a500a7068
[Web] Verify OPTIONAL license plus minor fixes 2019-08-09 14:16:52 +02:00
andryyy
cb9a63ec4d
[Web] Fix CSS, thanks to @irgendwr 2019-08-09 14:14:41 +02:00
André Peters
c7eec72055
[Web] Language updates 2019-07-29 21:12:47 +02:00
andryyy
2193378982
[Web] unlimited_quota fix for domain admins 2019-07-29 16:16:31 +02:00
andryyy
dadc66fe49
[Web] Minor changes to ip labels 2019-07-28 21:36:48 +02:00
Faisal Misle
be4673c5f6 Update lang.es.php
minor update
2019-07-28 07:17:10 -05:00
Faisal Misle
db8b7aaa04 Language updates
Spanish is 95% done, minor gramatical updates to english version
2019-07-28 07:13:31 -05:00
André Peters
2061181d82
Merge pull request #2810 from friedPotat0/quarantinetable
Minor adjustments to tables in UI
2019-07-27 19:40:43 +02:00
friedPotat0
c48ae234ce Restrict toggle for tbl with specific breakpoints 2019-07-27 19:07:01 +02:00
friedPotat0
d1153b470f Restrict row toggle for remaing tables 2019-07-27 18:57:58 +02:00
friedPotat0
1b54d75716 Prevent event propagation for remaining tables 2019-07-27 18:56:51 +02:00
friedPotat0
bcad71cfaa Add proper cursor to remaining UI tables 2019-07-27 18:50:58 +02:00
friedPotat0
36888645bc Set proper cursor for quarantine table rows 2019-07-27 17:17:56 +02:00
friedPotat0
fb1307daa9 Set proper cursor for footable toggle 2019-07-27 17:16:59 +02:00
friedPotat0
abf0548ca4 Prevent event propagation for footable toggle 2019-07-27 17:14:56 +02:00
friedPotat0
581f8c77c7 Restrict quarantine table row toggle 2019-07-27 16:49:53 +02:00
André Peters
857c225d07
Merge pull request #2804 from friedPotat0/buttonpointerevents
Fix pointer events for nested button elements
2019-07-27 15:59:26 +02:00
andryyy
85f20a901d
[Web] Remove top padding on login screen for small devices 2019-07-23 21:33:24 +02:00
andryyy
91edf275b9
[Web] Minor language change in lang.de 2019-07-23 19:53:11 +02:00
andryyy
45f31ba931
[Web] Handle score as string 2019-07-23 19:52:46 +02:00
friedPotat0
454ffac803 Fix pointer events for nested button elements 2019-07-23 05:48:29 +02:00
friedPotat0
d4f3e87a2f Add spam score to quarantine table 2019-07-23 04:22:28 +02:00
andryyy
3f741eb625
[Web] Disable user-scalable, set max-scale to 1 2019-07-22 21:11:25 +02:00
mkapra
a5756716e0 Fixing duplicated port for profile downloading. 2019-07-17 08:59:49 +02:00
Geitenijs
448752cd94
Update lang.nl.php 2019-07-05 18:38:16 +02:00
andryyy
cb4f025bb1
[Web] Add important info about disabled GAL 2019-07-05 15:37:28 +02:00
andryyy
e71abf1895 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2019-07-05 15:16:48 +02:00
andryyy
350811dadd [Web] Enable GAL by default 2019-07-05 15:16:11 +02:00
Sascha Henke
d0ecd08ba0
Kleine Rechtschreibkorrektur
2 Rechtschreibfehler und eine Stiländerung
2019-07-04 08:30:39 +02:00
Braintelligence
61f950b473
Fix issue #2718
Proposal for a fix of issue #2718 .
Strip port from HTTP_HOST per @mkuron proposal: https://github.com/mailcow/mailcow-dockerized/issues/2718#issuecomment-506987422
2019-07-01 16:48:01 +02:00
andryyy
f35bc07a30
[Web] Generate readable passwords 2019-06-20 10:18:09 +02:00
andryyy
c7a85fc520
[Web] Fix BCC error message 2019-06-16 16:00:41 +02:00
andryyy
59798357f7
[Web] Fix SPF link 2019-06-16 16:00:14 +02:00
andryyy
ffb008f72a Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2019-06-09 16:50:04 +02:00
andryyy
5ce6688c78
[Web] Show resource alias 2019-06-09 16:49:17 +02:00
Aiko Appeldorn
1634a486fc
[web] increased db version 2019-06-09 12:08:23 +02:00
Timo N
9325bb6f4e
Merge pull request #2594 from FELDSAM-INC/domain-default-mailbox-quota
Default quota for mailbox
2019-06-09 10:49:43 +02:00
andryyy
176f2a3f34
[Web] Allow to set max_age for quarantine items 2019-06-01 21:22:14 +02:00
andryyy
5f8dd69a2d
[Web] Fix lang strings for sieve pathes and sieve flow 2019-06-01 14:10:01 +02:00
andryyy
8537767443
[Web] Show error when connection to redis fails (instead of 5xx) 2019-05-28 15:18:27 +02:00
andryyy
2508ee5b69
[Web] Delete from sender_acl when deleting an alias 2019-05-26 09:39:04 +02:00
andryyy
6fffda5def
[Web] Remove file 2019-05-26 09:24:50 +02:00
andryyy
d5612cf60f
[Web] More fixes for alias as sender_acl 2019-05-26 09:22:06 +02:00
andryyy
5087d5ce96
[Web] Allow aliases as send-as 2019-05-26 08:29:10 +02:00
andryyy
db0ec130f5
[Web] Lang updates
[ACME] Typo
2019-05-22 23:47:45 +02:00
André Peters
9a114845d7
[Netfilter] Reworked by @Kraeutergarten 2019-05-22 22:49:40 +02:00
Evangelos Foutras
e1a3313660 [Web] Fix showing domain with disabled sender check
If a mailbox is allowed to send as any address under its domain (+ alias
domains) and the domain itself has no aliases configured, no information
about this fact is shown to the user. That is to say, the "Do not check
sender access for the following domain(s) and its alias domains" field
under mailbox details is empty.

The above is happening because the second GROUP_CONCAT() returns NULL
making the enclosing CONCAT() return NULL as well. Fix this by using
CONCAT_WS() which correctly handles the case of zero domain aliases.

Furthermore, move the IFNULL() to the first GROUP_CONCAT() because
CONCAT_WS() returns an empty string when both GROUP_CONCAT()'s are
NULL. We can be certain that when the first GROUP_CONCAT() is NULL
the second one will be as well, so it's safe to use IFNULL() there.
2019-05-20 18:08:45 +03:00
Kraeutergarten
b862ce2bfb Add hostnames for blacklist. 2019-05-20 09:02:40 +02:00
andryyy
5bb23a2664 [Web] Fix null ua in debug.js - fixes #2615 2019-05-18 15:35:00 +02:00
Kraeutergarten
4cc63ceeb7 Allow hostnames for fail2ban whitelist. 2019-05-17 19:38:34 +02:00
andryyy
885b79f06f
[Web] Add function to read F2B data via API 2019-05-17 11:21:25 +02:00
Kraeutergarten
7417dd3a85 Check if domain value is undefined or null. 2019-05-16 10:15:37 +02:00
Kraeutergarten
84a78dbd0d Adds only existing domains in table to the filter and removes additional ajax request. 2019-05-16 08:20:21 +02:00
andryyy
06193ca625
[Web] Write API logs when format is data binary 2019-05-12 15:22:00 +02:00
Kristián Feldsam
b8b6450753 Default quota for mailbox
Signed-off-by: Kristián Feldsam <feldsam@gmail.com>
2019-05-11 11:16:40 +02:00
André Peters
f0d29ba8ef
Merge pull request #2547 from FELDSAM-INC/feldsam/json-api
JSON API Consume json in request body.
2019-05-10 20:37:37 +02:00
andryyy
bf3fb0c9d4
[Web] Fix some breakpoints 2019-05-09 11:30:14 +02:00
andryyy
cf4c5df427
[Web] Disable refresh button on reload, re-enable after table init 2019-05-05 20:59:59 +02:00
andryyy
acd8860efa
[Web] More minor css fixes 2019-05-05 20:49:13 +02:00
andryyy
9529b7a542
[Web] Various UI fixes 2019-05-05 20:44:29 +02:00
andryyy
05a2301ea6
[Web] Allow to rename alias to Alias 2019-05-05 20:01:53 +02:00
andryyy
f7e5f8b51f
[Web] Minor changes 2019-05-05 14:01:17 +02:00
André Peters
2d5e8a20ef
Merge pull request #2574 from emericklaw/mobileconfig-specialcharacters
Handle mobileconfig display names with special characters
2019-05-04 23:10:03 +02:00
hunter-nl
99eb61a449
Update init_db.inc.php
imapsync table column "returned_text" changed into type "longtext". "mediumtext" is to small for imapsync output on large mailbox.
db version value updated.
2019-05-04 12:13:51 +02:00
emericklaw
12d46cf072
Updated to not convert quotes
I missed using ENT_NOQUOTES since XML only needs & and <> to be replaced in tags, spotted by @mkuron
2019-05-03 17:54:33 +01:00
emericklaw
472a99ff00
Handle mobileconfig display names with special characters
If the account display name contained special characters like & the mobileconfig would fail to import on the iOS device.
2019-05-03 13:31:10 +01:00
Geitenijs
9dc7d05fa4
Update lang.nl.php 2019-05-01 17:54:27 +02:00
André Peters
48984270dd
Merge pull request #2569 from Howaner/quarantine-domain-alias
Added domain alias handling to quarantine mails and added recipients row to quarantine mail display
2019-05-01 15:54:46 +02:00
Howaner
5bb7b5b368 Fixed XSS 2019-05-01 01:03:16 +02:00
Howaner
17918b3e21 Added domain alias handling to quarantine mails and added recipients row to quarantine mail display
If a mail is sent to a domain alias domain and rejected, mailcow does not currently store the mail in quarantine.
This commit adds domain alias handling to the reject code and should fix this behavior.

Also added displaying of recipient addresses into the quarantine mail dialog to be able to see what mail address was "leaked".
2019-05-01 00:56:12 +02:00
andryyy
59a8a3864a
[Web] Minor fixes 2019-04-30 22:51:17 +02:00
André Peters
18729e2b49
Merge pull request #2567 from Howaner/mailpreview-fix
Updated php-mime-mail-parser library to 5.1 to really fix webui html preview
2019-04-30 22:49:25 +02:00
Howaner
9ce80d0eb5 Updated php-mime-mail-parser library to 5.1 to really fix webui html preview 2019-04-30 21:41:56 +02:00
André Peters
7c5094b8ec
Update 014-mailcow.js 2019-04-29 20:24:35 +02:00
André Peters
b6607e090e
Update 014-mailcow.js 2019-04-29 19:43:30 +02:00
Howaner
4bac1da451 Updated php-mime-mail-parser library to 5.0 to fix webui html preview
Preview versions of php-mime-mail-parser uses iconv for the most cases and iconv isn't properly supported in alpine php
2019-04-28 20:22:37 +02:00
andryyy
3e3e526568
[Dovecot] Update to 2.3.5.2
[Compose] Update Dovecot image
2019-04-25 18:10:28 +02:00
andryyy
9b303dcc0e
[Dovecot] Set default_vsz_limit = 1024 M
[Web] Form cache for user passwd change modal disabled
2019-04-24 14:46:45 +02:00
Kristián Feldsam
be2877c875 JSON API Consume json in request body.
Draft docs https://feldhostmailhosting.docs.apiary.io

Signed-off-by: Kristián Feldsam <feldsam@gmail.com>
2019-04-20 21:57:39 +02:00
andryyy
c8047b9555 [Web] Change session timeout handling
[Rspamd] Add missing spamassassin.conf
2019-04-14 13:01:47 +02:00
andryyy
e94c9e1ca6
[Web] Fix class for full mailbox 2019-04-05 13:08:16 +02:00
Carlos Ferreira
5ddd37956f
Fix HTML bug with French language 2019-04-04 21:03:50 +02:00
andryyy
82f7cab259
[Web] Fix totp qr code, fixes #2490 2019-04-01 22:17:44 +02:00
andryyy
79bde4f702
[Web] Fix UTF-8 symbol 2019-03-31 19:44:24 +02:00
André Peters
987e884407
Merge branch 'master' into admin-login 2019-03-31 15:49:18 +02:00
andryyy
14e57cf80f
[Web] Add ACL for unlimited quota (default 0) 2019-03-30 19:14:24 +01:00
andryyy
67d6957265
[Web] Show unlimited quota in user view 2019-03-28 23:04:24 +01:00
andryyy
49492dff61
[Web, Dovecot] Allow empty/unlimited quota 2019-03-28 22:05:12 +01:00
andryyy
31f59eb2db
[Web] Update bootstrap slider 2019-03-25 12:34:53 +01:00
andryyy
3c4c760e29
[Web] Allow logout with broken session
[Web] Try to set aria hidden to false when a modal opens
2019-03-25 12:33:58 +01:00
Marcel Hofer
7d2289c3a7 Merge branch 'master' into admin-login
# Conflicts:
#	data/web/js/site/mailbox.js
2019-03-23 21:17:02 +01:00
andryyy
6a13609bf0
[Web] Fix slow UI by switching QR provider and only generating qr image on demand 2019-03-19 08:45:08 +01:00
andryyy
1fcecd0350
[Web] Fix js when adding resource
[Web] Reload view and memcached when changing a resource
2019-03-18 10:16:33 +01:00
André Peters
3d8a46357b
Merge branch 'master' into admin-login 2019-03-18 02:03:59 +01:00
andryyy
d8dbcfac92
[Web] Continue when a check in add_alias fails
[Web] Fix "null" output in mailbox table when comments are missing
[Update] Remove obsolete check/replace command
2019-03-14 01:46:15 +01:00
Kristián Feldsam
9d57583624 Quarantine - Enhanced JS + Show btn fix event binding
Signed-off-by: Kristián Feldsam <feldsam@gmail.com>
2019-03-12 21:56:59 +01:00
André Peters
ae19d81f2d
Merge branch 'master' into admin-login 2019-03-10 10:38:42 +01:00
andryyy
a70663d64e Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2019-03-10 10:27:00 +01:00
andryyy
78b2bde942
[Web] Change core to dovecot-fts 2019-03-10 10:20:49 +01:00
André Peters
216451ed43
Merge branch 'master' into admin-login 2019-03-10 09:51:12 +01:00
andryyy
c7c115d63a
[Solr] Use fixed, recommended schema but add EdgeNGramFilterFactory 2019-03-10 09:40:04 +01:00
Faisal Misle
184f27701c
Update vars.inc.php
Updated SOGo access default explanation
2019-03-09 16:17:11 -06:00
andryyy
15970ab8dc
[Postfix] Fix sasl_passwd query from alias domain, fixes #2410
[Web] Major fix, added a line break!
[Compose] Update Postfix image
2019-03-09 11:22:39 +01:00
andryyy
c792bbcbab
[Rspamd] make upstream an object 2019-03-07 00:05:55 +01:00
andryyy
ac6e379f09
[Web] Fix bootstrap pathes 2019-03-06 15:11:40 +01:00
andryyy
52890e113f
[Web] Update bootstrap to 3.4.1, fixes #2381 2019-03-03 12:07:33 +01:00
andryyy
1e79ea6c7e
[Web] Fix transport_check over port 465, fixes #2386 2019-03-02 20:32:12 +01:00
Marcel Hofer
6a7b4387eb allow multiple concurrent admin logins 2019-03-02 12:32:10 +01:00
Marcel Hofer
965577c5d8 fix path check 2019-02-27 23:16:23 +01:00
Marcel Hofer
fa80d66d6c match EAS and SOGO/dav case insensitive 2019-02-27 23:14:30 +01:00
Marcel Hofer
a110378000 always check basic auth against user database for EAS and SOGo if ALLOW_ADMIN_EMAIL_LOGIN is enabled 2019-02-27 23:06:19 +01:00
Marcel Hofer
e2f39df7d8 remove obsolete code, use openssl instead of cat /dev/urandom 2019-02-26 20:44:53 +01:00
andryyy
97adcbe5f8
[Web] Strip < and > from start/end of full name 2019-02-26 09:23:16 +01:00
Marcel Hofer
dd6d253ac0 add random masterpass for sogo admin login
add required headers for sogo proxy auth with password
add SOGoEncryptionKey
add SOGoTrustProxyAuthentication only conditionally if feature is enabled
2019-02-26 09:02:35 +01:00
André Peters
4482aee747
Update sogo-auth.php 2019-02-24 00:15:09 +01:00
André Peters
88fbc6bf16
Update sogo-auth.php
Consistency again. :)

I moved the prerequisites require_once to the top, ok?
2019-02-23 22:26:41 +01:00
Marcel Hofer
cac67db203 add config ALLOW_ADMIN_EMAIL_LOGIN and implement password-less SOGo login admins 2019-02-23 17:59:18 +01:00
gummipunkt
4e4ed9c1aa
Update lang.de.php 2019-02-21 21:58:03 +01:00
andryyy
30153f29cc
[Web] Changes to user interface (using tabs now) 2019-02-15 20:20:14 +01:00
vain90
d7aaa67e2e
Move unset https_port after include of vars local inc 2019-02-14 23:10:46 +01:00
André Peters
343e5e2cb1
[Web] Update lang.nl.php 2019-02-13 21:03:29 +01:00
andryyy
54dfb5c450 [Web] Unset https_port after vars local inc
[Compose] New Dovecot image
2019-02-12 19:01:37 +01:00
André Peters
d29adbae02
Update autodiscover-json.php 2019-02-11 13:52:24 +01:00
eXtremeSHOK
d3f382c558
Fix: AutoDiscover issue with Outlook 2019
Fixes #2300
2019-02-11 14:50:37 +02:00
Geitenijs
8b3b3a8b31
Update lang.nl.php 2019-02-10 19:53:36 +01:00
Geitenijs
86c830e1e6
Update lang.nl.php 2019-02-10 19:49:30 +01:00
Geitenijs
037c62be3a
Update lang.nl.php 2019-02-10 19:41:21 +01:00
Geitenijs
c1b3cb662e
Update lang.nl.php 2019-02-10 19:36:07 +01:00
Geitenijs
5a3f2c9d67
Update lang.nl.php 2019-02-10 15:59:38 +01:00
andryyy
a91aeb2500 Merge branch 'master' of https://github.com/mailcow/mailcow-dockerized 2019-02-09 23:50:16 +01:00
andryyy
38c939c4d2
[Web] Fix quota notificate html template saving 2019-02-09 23:49:06 +01:00
Geitenijs
131cc00d5d
Update lang.nl.php 2019-02-09 20:32:42 +01:00
André Peters
99bcd218ba
Merge pull request #2229 from heavygale/patch-5
Forward mailcow-ui-domain to the docs
2019-02-08 20:58:10 +01:00
andryyy
4252164487
[Web] Remove E_ALL error reporting 2019-02-08 20:56:26 +01:00