From 4a408843b0ef816daf70a472a02b78cd6073a4d5 Mon Sep 17 00:00:00 2001
From: Thomas Bruederli <thomas@roundcube.net>
Date: Sun, 06 Mar 2016 08:31:07 -0500
Subject: [PATCH] Protect download urls against CSRF using unique request tokens (#1490642) Send X-Frame-Options headers with every HTTP response
---
program/steps/mail/viewsource.inc | 14 ++++++++------
1 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/program/steps/mail/viewsource.inc b/program/steps/mail/viewsource.inc
index 0328d96..1e1fe26 100644
--- a/program/steps/mail/viewsource.inc
+++ b/program/steps/mail/viewsource.inc
@@ -1,6 +1,6 @@
<?php
-/*
+/**
+-----------------------------------------------------------------------+
| program/steps/mail/viewsource.inc |
| |
@@ -19,23 +19,25 @@
+-----------------------------------------------------------------------+
*/
+if (!empty($_GET['_save'])) {
+ $RCMAIL->request_security_check(rcube_utils::INPUT_GET);
+}
+
ob_end_clean();
// similar code as in program/steps/mail/get.inc
if ($uid = rcube_utils::get_input_value('_uid', rcube_utils::INPUT_GET)) {
$headers = $RCMAIL->storage->get_message_headers($uid);
- $charset = $headers->charset ? $headers->charset : $RCMAIL->config->get('default_charset');
+ $charset = $headers->charset ?: $RCMAIL->config->get('default_charset');
header("Content-Type: text/plain; charset={$charset}");
if (!empty($_GET['_save'])) {
$subject = rcube_mime::decode_header($headers->subject, $headers->charset);
- $filename = ($subject ? $subject : $RCMAIL->config->get('product_name', 'email')) . '.eml';
+ $filename = ($subject ?: $RCMAIL->config->get('product_name', 'email')) . '.eml';
$browser = $RCMAIL->output->browser;
- if ($browser->ie && $browser->ver < 7)
- $filename = rawurlencode(abbreviate_string($filename, 55));
- else if ($browser->ie)
+ if ($browser->ie)
$filename = rawurlencode($filename);
else
$filename = addcslashes($filename, '"');
--
Gitblit v1.9.1