Age | Commit message (Collapse) | Author |
|
|
|
README additions continued from https://github.com/pixelated/pixelated-user-agent/pull/610
|
|
|
|
|
|
|
|
# By Felix Hammerl (5) and others
# Via NavaL
* 'master' of https://github.com/pixelated/pixelated-user-agent:
serving the client directly, as the current dependency on proxy strips out xsrf cookies -fixing functional test
only adding feature resource in root_resource test -- fixing build
changed logout to post Issue #612
Backend and frontend protection against csrf attacks: - root resources changes the csrf token cookie everytime it is loaded, in particular during the intestitial load during login - it will also add that cookie on single user mode - initialize will still load all resources - but they you cant access them if the csrf token do not match - all ajax calls needs to add the token to the header - non ajax get requests do not need xsrf token validation - non ajax post will have to send the token in as a form input or in the content
Consolidate stylesheets
Remove unused font and stylesheetgit s
Create a new deferred for all IMAPAccount calls
Clean up jshintrc
Recreate session on soledad problems
issue #617: Remove old html whitelister
Issue #617: Sanitize received content
|
|
xsrf cookies
-fixing functional test
Issue #612
|
|
Issue #612
|
|
Issue #612
|
|
- root resources changes the csrf token cookie everytime it is loaded, in particular during the intestitial load during login
- it will also add that cookie on single user mode
- initialize will still load all resources
- but they you cant access them if the csrf token do not match
- all ajax calls needs to add the token to the header
- non ajax get requests do not need xsrf token validation
- non ajax post will have to send the token in as a form input or in the content
Issue #612
|
|
|
|
* commit '6160633ab9a54238974af3cf498024ad98fc977e':
Fix repositore clone url
Returning 'not-sign' for no signature information
Only do initial sync on session creation
Improve stopwatch output
Improve error message if send mail fails
|
|
This removes styles.scss as intermediate stylesheet. Only main.scss
is now built, thereby also removing duplicated imports.
|
|
|
|
- Issue #615
- IMAPAccount ctor reuses same instance for all accounts
|
|
|
|
- Issue #615
- invalid token raised by soledad after timeout,
if we see this, recreate the session on next login
|
|
|
|
Sanitizes received HTML content with DOMPurify, making it safe
for displaying and templating. Sanitizes received plain text content
by encoding every single character as HTML entity.
|
|
|
|
|
|
When leap.mail receive not encrypted and not signed email it show as
no-signature-information on pixelated
Paring @thaissiqueira / @jeffhsta
Issue #605
|
|
- Issue #615
- Fixed some long broken but not failing tests
|
|
- measures time and cpu time and displays percentage
|
|
- Issue #609
|
|
|
|
|
|
This reverts commit f92e802df2aeec9b2341ba5b4efea48356edf01f.
|
|
For the case of wrong file path or file not existing
Issue #214
|
|
Instead shows a generic: "invalid xml format" message
Issue #214
|
|
Add recommended security headers
|
|
|
|
Issue #593
|
|
This reverts commit f1b338e5564a8458c906f903ee7e0383dae86287.
|
|
|
|
|
|
- Filtering attachments by content type application/pgp-keys
|
|
show message later when the email is sent or not.
The Growl will be yellow if success and red if the email failed to be
sent.
Issue #609
|
|
|
|
|
|
Removed hard spaces and added some padding to the login screen
input fields.
|
|
|
|
Issue #549
|
|
- Translates "Search..." and "Mark as read" to pt-BR
- Rename some translations keys to no-humanized text
|
|
|
|
Adds portuguese translation for i18n tags
|
|
This change only translate the current existing tags. It doesn't deal
with places where tags isn't used nor nonexistent tags.
|
|
|
|
|
|
|