From 681ba6fc3c296cd6cd11050531b8f4e785141786 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 16 Dec 2014 07:28:48 -0500
Subject: [PATCH] Improve system security by using optional special URL with security token Allows to define separate server/path for image/js/css files Fix bugs where CSRF attacks were still possible on some requests

---
 program/include/rcmail_output.php |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/program/include/rcmail_output.php b/program/include/rcmail_output.php
index 0f7aaf9..76ff4e7 100644
--- a/program/include/rcmail_output.php
+++ b/program/include/rcmail_output.php
@@ -28,6 +28,7 @@
 abstract class rcmail_output extends rcube_output
 {
     const JS_OBJECT_NAME = 'rcmail';
+    const BLANK_GIF      = 'R0lGODlhDwAPAIAAAMDAwAAAACH5BAEAAAAALAAAAAAPAA8AQAINhI+py+0Po5y02otnAQA7';
 
     public $type = 'html';
     public $ajax_call = false;

--
Gitblit v1.9.1