githubFork/roundcubemail.git

			@@ -2,9 +2,9 @@
			/*
			+-------------------------------------------------------------------------+
			\| Roundcube Webmail IMAP Client \|
			\| Version 0.6-svn \|
			\| Version 0.7.4 \|
			\| \|
			\| Copyright (C) 2005-2011, The Roundcube Dev Team \|
			\| Copyright (C) 2005-2012, The Roundcube Dev Team \|
			\| \|
			\| This program is free software; you can redistribute it and/or modify \|
			\| it under the terms of the GNU General Public License version 2 \|
			@@ -32,6 +32,9 @@

			// init application, start session, init output class, etc.
			$RCMAIL = rcmail::get_instance();

			// Make the whole PHP output non-cacheable (#1487797)
			send_nocacheing_headers();

			// turn on output buffering
			ob_start();
			@@ -116,6 +119,10 @@
			// prevent endless looping on login page
			if ($query['_task'] == 'login')
			unset($query['_task']);

			// prevent redirect to compose with specified ID (#1488226)
			if ($query['_action'] == 'compose' && !empty($query['_id']))
			$query = array();
			}

			// allow plugins to control the redirect url after login success
			@@ -177,7 +184,7 @@
			)
			);
			}


			if ($session_error \|\| $_REQUEST['_err'] == 'session')
			$OUTPUT->show_message('sessionerror', 'error', null, true, -1);

			@@ -192,7 +199,7 @@
			// check client X-header to verify request origin
			if ($OUTPUT->ajax_call) {
			if (rc_request_header('X-Roundcube-Request') != $RCMAIL->get_request_token() && !$RCMAIL->config->get('devel_mode')) {
			header('HTTP/1.1 404 Not Found');
			header('HTTP/1.1 403 Forbidden');
			die("Invalid Request");
			}
			}
			@@ -211,6 +218,12 @@
			}
			}

			// we're ready, user is authenticated and the request is safe
			$plugin = $RCMAIL->plugins->exec_hook('ready', array('task' => $RCMAIL->task, 'action' => $RCMAIL->action));
			$RCMAIL->set_task($plugin['task']);
			$RCMAIL->action = $plugin['action'];


			// handle special actions
			if ($RCMAIL->action == 'keep-alive') {
			$OUTPUT->reset();