public/mailcow-dockerized
1
0
Fork 0
mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2025-12-21 05:41:31 +00:00
Code Issues Releases Wiki Activity
7,423 Commits 39 Branches 82 Tags
copilot/fix-form-token-validation-error
Commit Graph

1188 Commits

Author SHA1 Message Date
copilot-swe-agent[bot]
64fe2e6d0d Fix DEV_MODE bypass to work when SESS_REMOTE_UA not set 
Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>
 2025-12-12 16:36:32 +00:00
copilot-swe-agent[bot]
f01ada9377 Add isset check for DEV_MODE to prevent undefined index 
Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>
 2025-12-12 16:30:39 +00:00
copilot-swe-agent[bot]
ae6420dc80 Fix DEV_MODE access using $GLOBALS instead of global keyword 
Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>
 2025-12-12 16:23:16 +00:00
copilot-swe-agent[bot]
a1b0004be9 Add comment explaining User-Agent length validation 
Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>
 2025-12-12 16:14:09 +00:00
copilot-swe-agent[bot]
88376566f9 Add validation for User-Agent in DEV_MODE bypass 
Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>
 2025-12-12 16:12:37 +00:00
copilot-swe-agent[bot]
89b4676641 Allow User-Agent changes in DEV_MODE for responsive testing 
Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>
 2025-12-12 16:11:05 +00:00
copilot-swe-agent[bot]
a710b0e580 Fix line ending issue in functions.inc.php - preserve CRLF 
Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>
 2025-12-12 15:59:55 +00:00
copilot-swe-agent[bot]
b3e6891802 Fix session handling - explicitly start session after destroy 
Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>
 2025-12-12 15:53:53 +00:00
copilot-swe-agent[bot]
19225b223c Fix User-Agent validation error after session expiry and regeneration 
Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>
 2025-12-12 15:51:56 +00:00
Ashitaka
1ab6af21e3 Merge pull request #6905 from Ashitaka57/6646-pbkdf2-sha512-verify-hash 
Support for PBKDF2-SHA512 hash algorithm in verify_hash() (FreeIPA compatibility) (issue 6646)
 2025-12-10 11:41:06 +01:00
Josh
0413d26855 Allow making spam aliases permanent (#6888) 
* Allow making spam aliases permanent

* added german translation

* updated Spamalias Twig + Rename in Spam Alias

* compose: update image tags to align to vendor version

---------

Co-authored-by: DerLinkman <niklas.meyer@servercow.de>
 2025-11-13 16:05:01 +01:00
Josh
9912e41f78 [Web] Correct order of Dansk/Danish in UI (#6887) 2025-11-03 21:07:20 +01:00
milkmaker
23fb5e2fca Add Vietnamese language (#6854) 
* [Web] Updated lang.vi-vn.json

[Web] Added lang.vi-vn.json

Co-authored-by: Nguyễn Thái Dũng <nguyenthaidung.work+mailcow.email@gmail.com>
Co-authored-by: Peter <magic@kthx.at>
Co-authored-by: milkmaker <milkmaker@mailcow.de>

* Add Vietnamese language

---------

Co-authored-by: Nguyễn Thái Dũng <nguyenthaidung.work+mailcow.email@gmail.com>
Co-authored-by: Peter <magic@kthx.at>
 2025-10-20 18:35:00 +02:00
FreddleSpl0it
b85837c803 [Web] Add password verification when setting recovery email 2025-10-13 12:05:17 +02:00
FreddleSpl0it
455ef084b4 [Web] clear old app_passwd log entries 2025-10-07 10:37:44 +02:00
FreddleSpl0it
c2948735f2 [Web] clear old app_passwd log entries 2025-10-07 10:18:07 +02:00
FreddleSpl0it
1ef0149076 [Web] make SameSite policy and cookie name configurable via vars.local.inc 2025-10-06 11:00:03 +02:00
FreddleSpl0it
922d173540 [Web] include hostname in default website title 2025-10-06 10:58:35 +02:00
FreddleSpl0it
2e7eb7c0fd Merge pull request #6780 from patschi/fix-pwcomplexity-apppasswds 
Fixed password complexity check for AppPasswords creation/edit
 2025-09-29 11:53:26 +02:00
FreddleSpl0it
4c83147d01 Merge pull request #6781 from patschi/pw-field-name-consistency 
Rename password fields for AppPasswords same way for consistency
 2025-09-29 11:52:08 +02:00
Patrik Kernstock
702ed85dfd Fixed footer escaping 2025-09-26 14:41:19 +02:00
Patrik Kernstock
ce219668cf Rename AppPasswds fields uniquely like 'add' 2025-09-26 03:37:49 +02:00
Patrik Kernstock
5b1b49a418 Fixed password complexity check for AppPasswords 2025-09-26 02:37:02 +02:00
FreddleSpl0it
8ead77083f [Web] Rename PHP Cookie to MCSESSID 2025-09-23 12:39:48 +02:00
FreddleSpl0it
4440bd46ad [Web] set cookie SameSite attribute to Lax 2025-09-23 12:24:25 +02:00
FreddleSpl0it
28985973eb [Web] Revert - allow "*" as wildcard domain 2025-09-23 10:07:33 +02:00
FreddleSpl0it
ed4dcff63b [Web] allow "*" as wildcard domain 2025-09-22 14:42:14 +02:00
FreddleSpl0it
a36485f0f1 [Web] Allow wildcard subdomains for MTA-STS 2025-09-22 13:55:18 +02:00
FreddleSpl0it
260906e350 [SOGo][Web] Enable SOGo URL Encryption 2025-09-22 12:28:09 +02:00
FreddleSpl0it
a90b3544a7 Merge pull request #6651 from psuet/fix/php-warnings 
Fix multiple PHP Warnings present in "stock" installation
 2025-09-09 12:27:14 +02:00
FreddleSpl0it
13f7f9830b Prevent user login if protocol access has been disabled 2025-09-09 12:11:19 +02:00
FreddleSpl0it
f67c0530f5 [Rspamd][Web] Internal alias support 2025-09-09 10:37:54 +02:00
DerLinkman
c39712af67 pf/php: add mta-sts support (outbound) (#6686) 
* added mta-sts-resolver into postfix config + daemon

* [Web] Add MTA-STS support

* [Web] Fix mta-sts server_name

* updated .gitignore

* [ACME] fetch cert for mta-sts subdomain

* [Web] change MTA-STS id to human-readable timestamp

* [Web] Remove MTA-STS version STSv2

* [Web] Fix MTA-STS DNS check

* [Web] add max_age limit for MTA-STS policy

* Added tooltips and info texts to mta-sts webui page

* postfix: replace mta-sts-resolver with postfix-tlspol

---------

Co-authored-by: FreddleSpl0it <75116288+FreddleSpl0it@users.noreply.github.com>
 2025-08-26 09:57:05 +02:00
DerLinkman
2b93b59cdd db: change qhash varchar to 64 instead of 255 2025-08-06 16:11:23 +02:00
Christoph Lechleitner
2b2da1679e [DB][Web] optimize qhandler by keeping SHA2 in new column qhash (#6556) 
* [DB][Web] optimize qhandler by keeping SHA2(id+qid) in new column quarantine.qhash, for feature #6555, might also help with #6361

* rspamd: only add qhash to new entries while passing rspamd not all existing

* compose: bump dovecot image + push to registry

---------

Co-authored-by: DerLinkman <niklas.meyer@servercow.de>
 2025-08-06 16:02:25 +02:00
FreddleSpl0it
1e42b8dd21 [Web] Add delimiter_action to mailbox and mailbox_template add/edit admin forms (#6620) 2025-08-06 09:40:47 +02:00
Paul Sütterlin
ad9b328ed5 fix: Undefined array key "pending_tfa_methods" in 
/web/inc/footer.inc.php
on line
29
 2025-07-26 01:12:48 +00:00
Paul Sütterlin
3d5b57889a fix: Empty App Links 
The return value of the function caused a warning
in header.inc.php:42 if no additional links were set.

header.inc.php is the only caller of this function,
thus it is safe to return an empty array here.
 2025-07-26 01:08:28 +00:00
Paul Sütterlin
6b8e981bdc fix: Only use HTTP_ORIGIN if it is sent. 2025-07-26 01:06:24 +00:00
Denis Evers
95eb350f15 [netfilter] fix negative timer, no unbanning of IPs (#6575) 
* [netfilter] added debug logs and updated autopurge

* updated "Allow/Blacklist" terms

* netfilter: bumped compose version

* netfilter: changed black/whitelist terms in code

---------

Co-authored-by: Denis Evers <git@evers.sh>
Co-authored-by: DerLinkman <niklas.meyer@servercow.de>
 2025-07-16 10:08:55 +02:00
Peter
1e5fcfe392 Bulgarian language added (#6623) 2025-07-16 09:29:35 +02:00
FreddleSpl0it
03d979c089 [Web] Fix get custom_login 2025-05-13 10:14:58 +02:00
FreddleSpl0it
7f47a3f00e Merge pull request #6530 from mailcow/feat/auto-create-user-option 
[Web] Add identity_provider option to disable auto-creation of users …
 2025-05-12 13:24:34 +02:00
FreddleSpl0it
1bcab9a9a5 Merge pull request #6518 from seclution/patch-2 
fix: typo in default_template
 2025-05-12 13:08:07 +02:00
FreddleSpl0it
1b2f424edc [Web] Add identity_provider option to disable auto-creation of users on login 2025-05-12 12:20:23 +02:00
FreddleSpl0it
75d7f06b25 Merge pull request #6521 from mailcow/feat/login-quicklinks 
[Web] Add quick links to other login pages and mailcow login toggle
 2025-05-09 15:24:36 +02:00
FreddleSpl0it
ea0944d743 [Web] Add quick links to other login pages and option to disable mailcow login form 2025-05-09 15:13:44 +02:00
Kai Biebel
cb6ffe65c8 fix: typo in default_template 2025-05-09 11:24:49 +02:00
FreddleSpl0it
846862aa80 Merge pull request #6506 from mrclschstr/staging 
[Fix] Moving mails by functions.quarantine.inc.php to inbox failed
 2025-05-09 10:00:56 +02:00
FreddleSpl0it
e7a1f24c78 Merge pull request #6483 from PseudoResonance/oauth2-redirect-extra-domain 
Allow additional domains in OAuth2 redirect URLs
 2025-05-09 09:48:08 +02:00