From bd0551b22076b82a6d49e9f7a2b2e0c90a1b2326 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Fri, 05 Feb 2016 07:25:27 -0500
Subject: [PATCH] Secure also downloads of addressbook exports, managesieve script exports and Enigma keys exports

---
 program/js/app.js |  643 +++++++++++++++++++++++++++++++++++++++++++--------------
 1 files changed, 483 insertions(+), 160 deletions(-)

diff --git a/program/js/app.js b/program/js/app.js
index 36694b2..45fba7e 100644
--- a/program/js/app.js
+++ b/program/js/app.js
@@ -6,8 +6,8 @@
  * @licstart  The following is the entire license notice for the
  * JavaScript code in this file.
  *
- * Copyright (C) 2005-2014, The Roundcube Dev Team
- * Copyright (C) 2011-2014, Kolab Systems AG
+ * Copyright (C) 2005-2015, The Roundcube Dev Team
+ * Copyright (C) 2011-2015, Kolab Systems AG
  *
  * The JavaScript code in this page is free software: you can
  * redistribute it and/or modify it under the terms of the GNU
@@ -77,7 +77,7 @@
   });
 
   // unload fix
-  $(window).bind('beforeunload', function() { ref.unload = true; });
+  $(window).on('beforeunload', function() { ref.unload = true; });
 
   // set environment variable(s)
   this.set_env = function(p, value)
@@ -156,8 +156,8 @@
     var n;
     this.task = this.env.task;
 
-    // check browser
-    if (this.env.server_error != 409 && (!bw.dom || !bw.xmlhttp_test() || (bw.mz && bw.vendver < 1.9) || (bw.ie && bw.vendver < 7))) {
+    // check browser capabilities (never use version checks here)
+    if (this.env.server_error != 409 && (!bw.dom || !bw.xmlhttp_test())) {
       this.goto_url('error', '_code=0x199');
       return;
     }
@@ -274,12 +274,29 @@
             this.enable_command('compose', 'add-contact', false);
             parent.rcmail.show_contentframe(true);
           }
+
+          // initialize drag-n-drop on attachments, so they can e.g.
+          // be dropped into mail compose attachments in another window
+          if (this.gui_objects.attachments)
+            $('li > a', this.gui_objects.attachments).not('.drop').on('dragstart', function(e) {
+              var n, href = this.href, dt = e.originalEvent.dataTransfer;
+              if (dt) {
+                // inject username to the uri
+                href = href.replace(/^https?:\/\//, function(m) { return m + urlencode(ref.env.username) + '@'});
+                // cleanup the node to get filename without the size test
+                n = $(this).clone();
+                n.children().remove();
+
+                dt.setData('roundcube-uri', href);
+                dt.setData('roundcube-name', $.trim(n.text()));
+              }
+            });
         }
         else if (this.env.action == 'compose') {
           this.env.address_group_stack = [];
           this.env.compose_commands = ['send-attachment', 'remove-attachment', 'send', 'cancel',
             'toggle-editor', 'list-adresses', 'pushgroup', 'search', 'reset-search', 'extwin',
-            'insert-response', 'save-response', 'menu-open', 'menu-close', 'compose-encrypted'];
+            'insert-response', 'save-response', 'menu-open', 'menu-close'];
 
           if (this.env.drafts_mailbox)
             this.env.compose_commands.push('savedraft')
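Review bot: The new `dragstart` handler stores the attachment URL, with the account username injected as URL userinfo, in `dataTransfer` under `roundcube-uri`, and that data can be read by whichever page receives the drop, not only by another Roundcube compose window. The trust assumption should be written down above the `setData` calls, for example `// NOTE: readable by any drop target; carries the username only, never the password or request token`. The multi-line body under `if (this.gui_objects.attachments)` also has no braces, which makes the closing `}` and the following `else if` hard to pair up. The enclosing function starts and ends outside this hunk.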
@@ -304,8 +321,8 @@
           if (this.gui_objects.responseslist) {
             $('a.insertresponse', this.gui_objects.responseslist)
               .attr('unselectable', 'on')
-              .mousedown(function(e){ return rcube_event.cancel(e); })
-              .bind('mouseup keypress', function(e){
+              .mousedown(function(e) { return rcube_event.cancel(e); })
+              .on('mouseup keypress', function(e) {
                 if (e.type == 'mouseup' || rcube_event.get_keycode(e) == 13) {
                   ref.command('insert-response', $(this).attr('rel'));
                   $(document.body).trigger('mouseup');  // hides the menu
@@ -325,7 +342,9 @@
         else if (this.env.action == 'get')
           this.enable_command('download', 'print', true);
         // show printing dialog
-        else if (this.env.action == 'print' && this.env.uid) {
+        else if (this.env.action == 'print' && this.env.uid
+          && !this.env.is_pgp_content && !this.env.pgp_mime_part
+        ) {
           this.print_dialog();
         }
 
@@ -333,7 +352,7 @@
         if (this.gui_objects.mailboxlist) {
           this.env.unread_counts = {};
           this.gui_objects.folderlist = this.gui_objects.mailboxlist;
-          this.http_request('getunread');
+          this.http_request('getunread', {_page: this.env.current_page});
         }
 
         // init address book widget
@@ -512,8 +531,11 @@
         break;
 
       case 'login':
-        var input_user = $('#rcmloginuser');
-        input_user.bind('keyup', function(e){ return ref.login_user_keyup(e); });
+        var tz, tz_name, jstz = window.jstz,
+            input_user = $('#rcmloginuser'),
+            input_tz = $('#rcmlogintz');
+
+        input_user.keyup(function(e) { return ref.login_user_keyup(e); });
 
         if (input_user.val() == '')
           input_user.focus();
@@ -521,14 +543,10 @@
           $('#rcmloginpwd').focus();
 
         // detect client timezone
-        if (window.jstz) {
-          var timezone = jstz.determine();
-          if (timezone.name())
-            $('#rcmlogintz').val(timezone.name());
-        }
-        else {
-          $('#rcmlogintz').val(new Date().getStdTimezoneOffset() / -60);
-        }
+        if (jstz && (tz = jstz.determine()))
+          tz_name = tz.name();
+
+        input_tz.val(tz_name ? tz_name : (new Date().getStdTimezoneOffset() / -60));
 
         // display 'loading' message on form submit, lock submit button
         $('form').submit(function () {
@@ -582,19 +600,19 @@
 
     // activate html5 file drop feature (if browser supports it and if configured)
     if (this.gui_objects.filedrop && this.env.filedrop && ((window.XMLHttpRequest && XMLHttpRequest.prototype && XMLHttpRequest.prototype.sendAsBinary) || window.FormData)) {
-      $(document.body).bind('dragover dragleave drop', function(e){ return ref.document_drag_hover(e, e.type == 'dragover'); });
+      $(document.body).on('dragover dragleave drop', function(e) { return ref.document_drag_hover(e, e.type == 'dragover'); });
       $(this.gui_objects.filedrop).addClass('droptarget')
-        .bind('dragover dragleave', function(e){ return ref.file_drag_hover(e, e.type == 'dragover'); })
-        .get(0).addEventListener('drop', function(e){ return ref.file_dropped(e); }, false);
+        .on('dragover dragleave', function(e) { return ref.file_drag_hover(e, e.type == 'dragover'); })
+        .get(0).addEventListener('drop', function(e) { return ref.file_dropped(e); }, false);
     }
 
     // catch document (and iframe) mouse clicks
     var body_mouseup = function(e){ return ref.doc_mouse_up(e); };
     $(document.body)
-      .bind('mouseup', body_mouseup)
-      .bind('keydown', function(e){ return ref.doc_keypress(e); });
+      .mouseup(body_mouseup)
+      .keydown(function(e){ return ref.doc_keypress(e); });
 
-    $('iframe').load(function(e) {
+    $('iframe').on('load', function(e) {
         try { $(this.contentDocument || this.contentWindow).on('mouseup', body_mouseup);  }
         catch (e) {/* catch possible "Permission denied" error in IE */ }
       })
@@ -655,7 +673,9 @@
     }
 
     // check input before leaving compose step
-    if (this.task == 'mail' && this.env.action == 'compose' && $.inArray(command, this.env.compose_commands) < 0 && !this.env.server_error) {
+    if (this.task == 'mail' && this.env.action == 'compose' && !this.env.server_error && command != 'save-pref'
+      && $.inArray(command, this.env.compose_commands) < 0
+    ) {
       if (!this.env.is_sent && this.cmp_hash != this.compose_field_hash() && !confirm(this.get_label('notsentwarning')))
         return false;
 
@@ -764,7 +784,7 @@
 
       case 'open':
         if (uid = this.get_single_uid()) {
-          obj.href = this.url('show', {_mbox: this.get_message_mailbox(uid), _uid: uid});
+          obj.href = this.url('show', this.params_from_uid(uid));
           return true;
         }
         break;
@@ -999,7 +1019,7 @@
             break;
         }
 
-        this.goto_url('get', qstring+'&_download=1', false);
+        this.goto_url('get', qstring+'&_download=1', false, true);
         break;
 
       case 'select-all':
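Review bot: The trailing `false, true` on this `goto_url` call does not say that the fourth argument appears to request the CSRF token, and the `goto_url` definition is outside the hunk, so a protected download cannot be told from an unprotected one at the call site. A short comment such as `// 4th arg: append the request token (see secure_url)` would help here and at the other call sites this patch changes (`viewsource` with `_save`, `export`, `export-selected`). Because the token then travels in a GET query string, the comment should also note that it can end up in server access logs and browser history.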
@@ -1190,8 +1210,8 @@
           this.gui_objects.messagepartframe.contentWindow.print();
         }
         else if (uid = this.get_single_uid()) {
-          url = '&_action=print&_uid='+uid+'&_mbox='+urlencode(this.get_message_mailbox(uid))+(this.env.safemode ? '&_safe=1' : '');
-          if (this.open_window(this.env.comm_path + url, true, true)) {
+          url = this.url('print', this.params_from_uid(uid, {_safe: this.env.safemode ? 1 : 0}));
+          if (this.open_window(url, true, true)) {
             if (this.env.action != 'show')
               this.mark_message('read', uid);
           }
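Review bot: The print URL now always carries `_safe`, as `_safe=0` when `this.env.safemode` is off, whereas the removed line appended `&_safe=1` only when it was on. The server-side handling is not visible here; if it tests for the presence of `_safe` rather than its value, printing would change how remote content is treated. `show_message` in this same patch sets `url._safe = 1` only when needed, so the consistent form would be `url = this.url('print', this.params_from_uid(uid, this.env.safemode ? {_safe: 1} : {}));`.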
@@ -1200,15 +1220,15 @@
 
       case 'viewsource':
         if (uid = this.get_single_uid())
-          this.open_window(this.env.comm_path+'&_action=viewsource&_uid='+uid+'&_mbox='+urlencode(this.env.mailbox), true, true);
+          this.open_window(this.url('viewsource', this.params_from_uid(uid)), true, true);
         break;
 
       case 'download':
         if (this.env.action == 'get') {
-          location.href = location.href.replace(/_frame=/, '_download=');
+          location.href = this.secure_url(location.href.replace(/_frame=/, '_download='));
         }
         else if (uid = this.get_single_uid()) {
-          this.goto_url('viewsource', { _uid: uid, _mbox: this.get_message_mailbox(uid), _save: 1 });
+          this.goto_url('viewsource', this.params_from_uid(uid, {_save: 1}), false, true);
         }
         break;
 
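Review bot: `this.secure_url(location.href.replace(/_frame=/, '_download='))` appends the token to whatever the current address happens to be. The tail of `add_url` visible elsewhere in this patch (`url + '?' + name + '=' + value`) suggests plain string concatenation. If that reading is right, an address containing a `#fragment` would get `_token` placed after the fragment, where the server never sees it, and an address that already has `_token` would get a second copy. Stripping the fragment first, e.g. `location.href.replace(/#.*$/, '').replace(/_frame=/, '_download=')`, and confirming how `add_url` treats an existing parameter would make this robust.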
@@ -1270,7 +1290,7 @@
 
         $('input[name="_unlock"]', form).val(importlock);
 
-        if (!(flag = this.upload_file(form, 'import'))) {
+        if (!(flag = this.upload_file(form, 'import', importlock))) {
           this.set_busy(false, null, importlock);
           if (flag !== false)
             alert(this.get_label('selectimportfile'));
@@ -1296,13 +1316,13 @@
 
       case 'export':
         if (this.contact_list.rowcount > 0) {
-          this.goto_url('export', { _source: this.env.source, _gid: this.env.group, _search: this.env.search_request });
+          this.goto_url('export', { _source: this.env.source, _gid: this.env.group, _search: this.env.search_request }, false, true);
         }
         break;
 
       case 'export-selected':
         if (this.contact_list.rowcount > 0) {
-          this.goto_url('export', { _source: this.env.source, _gid: this.env.group, _cid: this.contact_list.get_selection().join(',') });
+          this.goto_url('export', { _source: this.env.source, _gid: this.env.group, _cid: this.contact_list.get_selection().join(',') }, false, true);
         }
         break;
 
@@ -1417,7 +1437,7 @@
     if (task == 'mail')
       url += '&_mbox=INBOX';
     else if (task == 'logout' && !this.env.server_error) {
-      url += '&_token=' + this.env.request_token;
+      url = this.secure_url(url);
       this.clear_compose_data();
     }
 
@@ -1465,6 +1485,12 @@
 
     return url + '?' + name + '=' + value;
   };
+
+  // append CSRF protection token to the given url
+  this.secure_url = function(url)
+  {
+    return this.add_url(url, '_token', this.env.request_token);
+  },
 
   this.is_framed = function()
   {
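Review bot: `this.secure_url` is terminated with `},` where the neighbouring definitions end with `};`, so the assignment is joined to the following `this.is_framed = ...` by the comma operator. It parses, but it is inconsistent with the rest of the file and fragile under later edits; the closing line should be `};`. The comment could also state that the token is added as the `_token` query parameter via `add_url`, so callers know it becomes part of the visible URL.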
@@ -1617,8 +1643,8 @@
 
       // select the folder if one of its childs is currently selected
       // don't select if it's virtual (#1488346)
-      if (!node.virtual && this.env.mailbox && this.env.mailbox.startsWith(name + this.env.delimiter))
-        this.command('list', name);
+      if (!node.virtual && this.env.mailbox && this.env.mailbox.startsWith(node.id + this.env.delimiter))
+        this.command('list', node.id);
     }
     else {
       var reg = new RegExp('&'+urlencode(node.id)+'&');
@@ -2175,10 +2201,16 @@
 
   this.set_list_sorting = function(sort_col, sort_order)
   {
+    var sort_old = this.env.sort_col == 'arrival' ? 'date' : this.env.sort_col,
+      sort_new = sort_col == 'arrival' ? 'date' : sort_col;
+
     // set table header class
-    $('#rcm'+this.env.sort_col).removeClass('sorted'+(this.env.sort_order.toUpperCase()));
-    if (sort_col)
-      $('#rcm'+sort_col).addClass('sorted'+sort_order);
+    $('#rcm' + sort_old).removeClass('sorted' + this.env.sort_order.toUpperCase());
+    if (sort_new)
+      $('#rcm' + sort_new).addClass('sorted' + sort_order);
+
+    // if sorting by 'arrival' is selected, click on date column should not switch to 'date'
+    $('#rcmdate > a').prop('rel', sort_col == 'arrival' ? 'arrival' : 'date');
 
     this.env.sort_col = sort_col;
     this.env.sort_order = sort_order;
@@ -2235,35 +2267,33 @@
       return;
 
     var win, target = window,
-      action = preview ? 'preview': 'show',
-      url = '&_action='+action+'&_uid='+id+'&_mbox='+urlencode(this.get_message_mailbox(id));
+      url = this.params_from_uid(id, {_caps: this.browser_capabilities()});
 
     if (preview && (win = this.get_frame_window(this.env.contentframe))) {
       target = win;
-      url += '&_framed=1';
+      url._framed = 1;
     }
 
     if (safe)
-      url += '&_safe=1';
+      url._safe = 1;
 
     // also send search request to get the right messages
     if (this.env.search_request)
-      url += '&_search='+this.env.search_request;
-
-    // add browser capabilities, so we can properly handle attachments
-    url += '&_caps='+urlencode(this.browser_capabilities());
+      url._search = this.env.search_request;
 
     if (this.env.extwin)
-      url += '&_extwin=1';
+      url._extwin = 1;
+
+    url = this.url(preview ? 'preview': 'show', url);
 
     if (preview && String(target.location.href).indexOf(url) >= 0) {
       this.show_contentframe(true);
     }
     else {
       if (!preview && this.env.message_extwin && !this.env.extwin)
-        this.open_window(this.env.comm_path+url, true);
+        this.open_window(url, true);
       else
-        this.location_href(this.env.comm_path+url, target, true);
+        this.location_href(url, target, true);
 
       // mark as read and change mbox unread counter
       if (preview && this.message_list && this.message_list.rows[id] && this.message_list.rows[id].unread && this.env.preview_pane_mark_read > 0) {
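Review bot: `url` is first a parameter object and is later overwritten with the string returned by `this.url(...)`, which makes the `String(target.location.href).indexOf(url)` check hard to reason about. Before this change the compared value was only the `&_action=...` query suffix; now it is the whole result of `this.url()`, so the "already shown in the preview frame" test depends on that string appearing verbatim in the frame's href, parameter order and encoding included. `this.url` is outside the hunk, so this needs confirming. A separate name for the parameters, e.g. `var params = this.params_from_uid(id, {_caps: this.browser_capabilities()});` followed by `url = this.url(preview ? 'preview' : 'show', params);`, would keep the two roles apart.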
@@ -2490,22 +2520,23 @@
   // removes messages that doesn't exists from list selection array
   this.update_selection = function()
   {
-    var selected = this.message_list.selection,
-      rows = this.message_list.rows,
+    var list = this.message_list,
+      selected = list.selection,
+      rows = list.rows,
       i, selection = [];
 
     for (i in selected)
       if (rows[selected[i]])
         selection.push(selected[i]);
 
-    this.message_list.selection = selection;
+    list.selection = selection;
 
     // reset preview frame, if currently previewed message is not selected (has been removed)
     try {
       var win = this.get_frame_window(this.env.contentframe),
         id = win.rcmail.env.uid;
 
-      if (id && $.inArray(id, selection) < 0)
+      if (id && !list.in_selection(id))
         this.show_contentframe(false);
     }
     catch (e) {};
@@ -2721,8 +2752,9 @@
             $('#'+r.id+' .leaf:first')
               .attr('id', 'rcmexpando' + r.id)
               .attr('class', (r.obj.style.display != 'none' ? 'expanded' : 'collapsed'))
-              .bind('mousedown', {uid: r.uid},
-                function(e) { return ref.expand_message_row(e, e.data.uid); });
+              .mousedown({uid: r.uid}, function(e) {
+                return ref.expand_message_row(e, e.data.uid);
+              });
 
             r.unread_children = 0;
             roots.push(r);
@@ -3356,39 +3388,42 @@
     }
   };
 
-  // 
+  // Load Mailvelope functionality (and initialize keyring if needed)
   this.mailvelope_load = function(action)
   {
     if (this.env.browser_capabilities)
       this.env.browser_capabilities['pgpmime'] = 1;
 
-    var keyring = this.get_local_storage_prefix();
+    var keyring = this.env.user_id;
 
     mailvelope.getKeyring(keyring).then(function(kr) {
       ref.mailvelope_keyring = kr;
       ref.mailvelope_init(action, kr);
-    }).catch(function(err) {
+    }, function(err) {
       // attempt to create a new keyring for this app/user
       mailvelope.createKeyring(keyring).then(function(kr) {
         ref.mailvelope_keyring = kr;
         ref.mailvelope_init(action, kr);
-      }).catch(function(err) {
+      }, function(err) {
         console.error(err);
       });
     });
   };
 
-  // 
+  // Initializes Mailvelope editor or display container
   this.mailvelope_init = function(action, keyring)
   {
-    if (action == 'show' || action == 'preview') {
+    if (!window.mailvelope)
+      return;
+
+    if (action == 'show' || action == 'preview' || action == 'print') {
       // decrypt text body
-      if (this.env.is_pgp_content && window.mailvelope) {
+      if (this.env.is_pgp_content) {
         var data = $(this.env.is_pgp_content).text();
         ref.mailvelope_display_container(this.env.is_pgp_content, data, keyring);
       }
       // load pgp/mime message and pass it to the mailvelope display container
-      else if (this.env.pgp_mime_part && window.mailvelope) {
+      else if (this.env.pgp_mime_part) {
         var msgid = this.display_message(this.get_label('loadingdata'), 'loading'),
           selector = this.env.pgp_mime_container;
 
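Review bot: The rejection handler passed to `mailvelope.getKeyring(keyring).then(...)` treats every failure as "keyring does not exist" and goes straight to `createKeyring`, so an unrelated error is masked by a create attempt. With the two-argument `then(ok, err)` form that replaces `.catch()` here (and in the later `encrypt` / `validKeyForAddress` hunks), an exception thrown inside the success callback, for instance from `ref.mailvelope_init`, is no longer reported by the `console.error` handler. The keyring identifier also changes from `get_local_storage_prefix()` to `this.env.user_id`, so keys stored under the previous identifier would presumably not be found. A comment such as `// keyring id is the Roundcube user id; keyrings created under the old storage-prefix id are not migrated` would make that explicit. `mailvelope_init` continues past the end of this hunk.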
@@ -3396,8 +3431,7 @@
           type: 'GET',
           url: this.url('get', { '_mbox': this.env.mailbox, '_uid': this.env.uid, '_part': this.env.pgp_mime_part }),
           error: function(o, status, err) {
-            ref.hide_message(msgkey);
-            ref.http_error(o, status, err, lock);
+            ref.http_error(o, status, err, msgid);
           },
           success: function(data) {
             ref.mailvelope_display_container(selector, data, keyring, msgid);
@@ -3405,15 +3439,46 @@
         });
       }
     }
-    else if (action == 'compose' && window.mailvelope) {
-      this.enable_command('compose-encrypted', true);
+    else if (action == 'compose') {
+      this.env.compose_commands.push('compose-encrypted');
+
+      var is_html = $('input[name="_is_html"]').val() > 0;
+
+      if (this.env.pgp_mime_message) {
+        // fetch PGP/Mime part and open load into Mailvelope editor
+        var lock = this.set_busy(true, this.get_label('loadingdata'));
+
+        $.ajax({
+          type: 'GET',
+          url: this.url('get', this.env.pgp_mime_message),
+          error: function(o, status, err) {
+            ref.http_error(o, status, err, lock);
+            ref.enable_command('compose-encrypted', !is_html);
+          },
+          success: function(data) {
+            ref.set_busy(false, null, lock);
+
+            if (is_html) {
+              ref.command('toggle-editor', {html: false, noconvert: true});
+              $('#' + ref.env.composebody).val('');
+            }
+
+            ref.compose_encrypted({ quotedMail: data });
+            ref.enable_command('compose-encrypted', true);
+          }
+        });
+      }
+      else {
+        // enable encrypted compose toggle
+        this.enable_command('compose-encrypted', !is_html);
+      }
     }
   };
 
-  // handler for the 'compose-encrypt' command
+  // handler for the 'compose-encrypted' command
   this.compose_encrypted = function(props)
   {
-    var container = $('#' + this.env.composebody).parent();
+    var options, container = $('#' + this.env.composebody).parent();
 
     // remove Mailvelope editor if active
     if (ref.mailvelope_editor) {
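Review bot: The comment `// fetch PGP/Mime part and open load into Mailvelope editor` is garbled, and nothing explains why the success handler empties the compose body with `$('#' + ref.env.composebody).val('')` when the editor was in HTML mode. Suggested wording is `// fetch the PGP/MIME part and load it into the Mailvelope editor`, plus a one-line comment on the body reset. `is_html` is derived with `.val() > 0`, which relies on string-to-number coercion; `parseInt($('input[name="_is_html"]').val(), 10) > 0` is explicit. `mailvelope_init` starts outside this hunk and `compose_encrypted` continues past it.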
@@ -3425,10 +3490,28 @@
         .find('iframe:not([aria-hidden=true])').remove();
       $('#' + ref.env.composebody).show();
       $("[name='_pgpmime']").remove();
+
+      // disable commands that operate on the compose body
+      ref.enable_command('spellcheck', 'insert-sig', 'toggle-editor', 'insert-response', 'save-response', true);
+      ref.triggerEvent('compose-encrypted', { active:false });
     }
     // embed Mailvelope editor container
     else {
-      var options = { predefinedText: $('#' + this.env.composebody).val() };
+      if (this.spellcheck_state())
+        this.editor.spellcheck_stop();
+
+      if (props.quotedMail) {
+        options = { quotedMail: props.quotedMail, quotedMailIndent: false };
+      }
+      else {
+        options = { predefinedText: $('#' + this.env.composebody).val() };
+      }
+
+      if (this.env.compose_mode == 'reply') {
+        options.quotedMailIndent = true;
+        options.quotedMailHeader = this.env.compose_reply_header;
+      }
+
       mailvelope.createEditorContainer('#' + container.attr('id'), ref.mailvelope_keyring, options).then(function(editor) {
         ref.mailvelope_editor = editor;
         ref.compose_skip_unsavedcheck = true;
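Review bot: `if (props.quotedMail)` dereferences `props` unconditionally, so a call to `compose_encrypted` without an argument would throw before the editor container is created. How the command dispatcher calls this handler is not visible in the hunk, so guard it with `if (props && props.quotedMail)`. Separately, the comment `// disable commands that operate on the compose body` in the editor-removal branch sits above `enable_command(..., true)`; it should read `// re-enable commands that operate on the compose body`. The function body continues past the end of this hunk.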
@@ -3436,8 +3519,22 @@
 
         container.addClass('mailvelope');
         $('#' + ref.env.composebody).hide();
-      }).catch(function(err) {
+
+        // disable commands that operate on the compose body
+        ref.enable_command('spellcheck', 'insert-sig', 'toggle-editor', 'insert-response', 'save-response', false);
+        ref.triggerEvent('compose-encrypted', { active:true });
+
+        // notify user about loosing attachments
+        if (ref.env.attachments && !$.isEmptyObject(ref.env.attachments)) {
+          alert(ref.get_label('encryptnoattachments'));
+
+          $.each(ref.env.attachments, function(name, attach) {
+            ref.remove_from_attachment_list(name);
+          });
+        }
+      }, function(err) {
         console.error(err);
+        console.log(options);
       });
     }
   };
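Review bot: `console.log(options)` in the rejection handler writes the editor options to the browser console, and those hold either `predefinedText` (the current compose body) or `quotedMail` (the fetched PGP/MIME message), as set earlier in this function. It looks like leftover debugging and should be dropped, keeping only `console.error(err);`. The attachments are also removed right after the `alert()` with no way for the user to back out. If that is intended, the comment should say so, and it should read `// notify user about losing attachments`.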
@@ -3450,7 +3547,7 @@
     $.each(['to', 'cc', 'bcc'], function(i,field) {
       var pos, rcpt, val = $.trim($('[name="_' + field + '"]').val());
       while (val.length && rcube_check_email(val, true)) {
-        rcpt = RegExp.$2
+        rcpt = RegExp.$2;
         recipients.push(rcpt);
         val = val.substr(val.indexOf(rcpt) + rcpt.length + 1).replace(/^\s*,\s*/, '');
       }
@@ -3459,12 +3556,48 @@
     // check if we have keys for all recipients
     var isvalid = recipients.length > 0;
     ref.mailvelope_keyring.validKeyForAddress(recipients).then(function(status) {
+      var missing_keys = [];
       $.each(status, function(k,v) {
         if (v === false) {
           isvalid = false;
-          alert(ref.get_label('nopubkeyfor').replace('$email', k));
+          missing_keys.push(k);
         }
       });
+
+      // list recipients with missing keys
+      if (!isvalid && missing_keys.length) {
+        // load publickey.js
+        if (!$('script#publickeyjs').length) {
+          $('<script>')
+            .attr('id', 'publickeyjs')
+            .attr('src', ref.assets_path('program/js/publickey.js'))
+            .appendTo(document.body);
+        }
+
+        // display dialog with missing keys
+        ref.show_popup_dialog(
+          ref.get_label('nopubkeyfor').replace('$email', missing_keys.join(', ')) +
+          '<p>' + ref.get_label('searchpubkeyservers') + '</p>',
+          ref.get_label('encryptedsendialog'),
+          [{
+            text: ref.get_label('search'),
+            'class': 'mainaction',
+            click: function() {
+              var $dialog = $(this);
+              ref.mailvelope_search_pubkeys(missing_keys, function() {
+                $dialog.dialog('close')
+              });
+            }
+          },
+          {
+            text: ref.get_label('cancel'),
+            click: function(){
+              $(this).dialog('close');
+            }
+          }]
+        );
+        return false;
+      }
 
       if (!isvalid) {
         if (!recipients.length) {
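Review bot: The dialog body is assembled as an HTML string (note the appended `<p>`), and `missing_keys.join(', ')`, which holds recipient addresses parsed from the To/Cc/Bcc inputs, is substituted into it without escaping. `rcube_check_email` limits what reaches this point, but its rules are outside this hunk, so escaping at the sink is the safer contract: `ref.get_label('nopubkeyfor').replace('$email', ref.quote_html(missing_keys.join(', ')))` (`quote_html` is already used elsewhere in this file). Note also that `return false` here only leaves the promise callback; a comment saying so would prevent it being read as cancelling the send in the outer function, which starts and ends outside the hunk.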
@@ -3522,15 +3655,15 @@
 
           form.submit();
 
-        }).catch(function(err) {
+        }, function(err) {
           console.log(err);
         });  // mailvelope_editor.encrypt()
 
-      }).catch(function(err) {
+      }, function(err) {
         console.error(err);
       });  // mailvelope_keyring.validKeyForAddress(senders)
 
-    }).catch(function(err) {
+    }, function(err) {
       console.error(err);
     });  // mailvelope_keyring.validKeyForAddress(recipients)
 
@@ -3541,14 +3674,169 @@
   this.mailvelope_display_container = function(selector, data, keyring, msgid)
   {
     mailvelope.createDisplayContainer(selector, data, keyring, { showExternalContent: this.env.safemode }).then(function() {
-      $(selector).addClass('mailvelope').find('.message-part, .part-notice').hide();
+      $(selector).addClass('mailvelope').children().not('iframe').hide();
       ref.hide_message(msgid);
       setTimeout(function() { $(window).resize(); }, 10);
-    }).catch(function(err) {
+    }, function(err) {
       console.error(err);
       ref.hide_message(msgid);
       ref.display_message('Message decryption failed: ' + err.message, 'error')
     });
+  };
+
+  // subroutine to query keyservers for public keys
+  this.mailvelope_search_pubkeys = function(emails, resolve)
+  {
+    // query with publickey.js
+    var deferreds = [],
+      pk = new PublicKey(),
+      lock = ref.display_message(ref.get_label('loading'), 'loading');
+
+    $.each(emails, function(i, email) {
+      var d = $.Deferred();
+      pk.search(email, function(results, errorCode) {
+        if (errorCode !== null) {
+          // rejecting would make all fail
+          // d.reject(email);
+          d.resolve([email]);
+        }
+        else {
+          d.resolve([email].concat(results));
+        }
+      });
+      deferreds.push(d);
+    });
+
+    $.when.apply($, deferreds).then(function() {
+      var missing_keys = [],
+        key_selection = [];
+
+      // alanyze results of all queries
+      $.each(arguments, function(i, result) {
+        var email = result.shift();
+        if (!result.length) {
+          missing_keys.push(email);
+        }
+        else {
+          key_selection = key_selection.concat(result);
+        }
+      });
+
+      ref.hide_message(lock);
+      resolve(true);
+
+      // show key import dialog
+      if (key_selection.length) {
+        ref.mailvelope_key_import_dialog(key_selection);
+      }
+      // some keys could not be found
+      if (missing_keys.length) {
+        ref.display_message(ref.get_label('nopubkeyfor').replace('$email', missing_keys.join(', ')), 'warning');
+      }
+    }).fail(function() {
+      console.error('Pubkey lookup failed with', arguments);
+      ref.hide_message(lock);
+      ref.display_message('pubkeysearcherror', 'error');
+      resolve(false);
+    });
+  };
+
+  // list the given public keys in a dialog with options to import
+  // them into the local Maivelope keyring
+  this.mailvelope_key_import_dialog = function(candidates)
+  {
+    var ul = $('<div>').addClass('listing mailvelopekeyimport');
+    $.each(candidates, function(i, keyrec) {
+      var li = $('<div>').addClass('key');
+      if (keyrec.revoked)  li.addClass('revoked');
+      if (keyrec.disabled) li.addClass('disabled');
+      if (keyrec.expired)  li.addClass('expired');
+
+      li.append($('<label>').addClass('keyid').text(ref.get_label('keyid')));
+      li.append($('<a>').text(keyrec.keyid.substr(-8).toUpperCase())
+        .attr('href', keyrec.info)
+        .attr('target', '_blank')
+        .attr('tabindex', '-1'));
+
+      li.append($('<label>').addClass('keylen').text(ref.get_label('keylength')));
+      li.append($('<span>').text(keyrec.keylen));
+
+      if (keyrec.expirationdate) {
+        li.append($('<label>').addClass('keyexpired').text(ref.get_label('keyexpired')));
+        li.append($('<span>').text(new Date(keyrec.expirationdate * 1000).toDateString()));
+      }
+
+      if (keyrec.revoked) {
+        li.append($('<span>').addClass('keyrevoked').text(ref.get_label('keyrevoked')));
+      }
+
+      var ul_ = $('<ul>').addClass('uids');
+      $.each(keyrec.uids, function(j, uid) {
+        var li_ = $('<li>').addClass('uid');
+        if (uid.revoked)  li_.addClass('revoked');
+        if (uid.disabled) li_.addClass('disabled');
+        if (uid.expired)  li_.addClass('expired');
+
+        ul_.append(li_.text(uid.uid));
+      });
+
+      li.append(ul_);
+      li.append($('<input>')
+        .attr('type', 'button')
+        .attr('rel', keyrec.keyid)
+        .attr('value', ref.get_label('import'))
+        .addClass('button importkey')
+        .prop('disabled', keyrec.revoked || keyrec.disabled || keyrec.expired));
+
+      ul.append(li);
+    });
+
+    // display dialog with missing keys
+    ref.show_popup_dialog(
+      $('<div>')
+        .append($('<p>').html(ref.get_label('encryptpubkeysfound')))
+        .append(ul),
+      ref.get_label('importpubkeys'),
+      [{
+        text: ref.get_label('close'),
+        click: function(){
+          $(this).dialog('close');
+        }
+      }]
+    );
+
+    // delegate handler for import button clicks
+    ul.on('click', 'input.button.importkey', function() {
+      var btn = $(this),
+        keyid = btn.attr('rel'),
+        pk = new PublicKey(),
+        lock = ref.display_message(ref.get_label('loading'), 'loading');
+
+        // fetch from keyserver and import to Mailvelope keyring
+        pk.get(keyid, function(armored, errorCode) {
+          ref.hide_message(lock);
+
+          if (errorCode) {
+            ref.display_message(ref.get_label('keyservererror'), 'error');
+            return;
+          }
+
+          // import to keyring
+          ref.mailvelope_keyring.importPublicKey(armored).then(function(status) {
+            if (status === 'REJECTED') {
+              // alert(ref.get_label('Key import was rejected'));
+            }
+            else {
+              var $key = keyid.substr(-8).toUpperCase();
+              btn.closest('.key').fadeOut();
+              ref.display_message(ref.get_label('keyimportsuccess').replace('$key', $key), 'confirmation');
+            }
+          }, function(err) {
+            console.log(err);
+          });
+        });
+    });
+
   };
 
 
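Review bot: In `mailvelope_key_import_dialog`, `keyrec.info` comes from the key-server lookup and is assigned to the link's `href` without a scheme check, so a response carrying a non-HTTP URL such as a `javascript:` one would become a clickable link in the dialog. The `PublicKey` implementation is outside this patch, so treat this as a defensive point. Restrict it to http(s), e.g. `.attr('href', /^https?:\/\//i.test(keyrec.info) ? keyrec.info : '#')`, and add `.attr('rel', 'noopener noreferrer')` next to `target="_blank"`. The dialog also identifies each key only by the last 8 hex digits of `keyrec.keyid`, which is too short to tell keys apart reliably before import; showing the full id or fingerprint would help. In the `.fail()` branch of `mailvelope_search_pubkeys`, `ref.display_message('pubkeysearcherror', 'error')` passes the label name itself and should be `ref.display_message(ref.get_label('pubkeysearcherror'), 'error')`.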
@@ -3897,7 +4185,7 @@
       var oldval = input.val(), rx = new RegExp(RegExp.escape(delim) + '\\s*$');
       if (oldval && !rx.test(oldval))
         oldval += delim + ' ';
-      input.val(oldval + recipients.join(delim + ' ') + delim + ' ');
+      input.val(oldval + recipients.join(delim + ' ') + delim + ' ').change();
       this.triggerEvent('add-recipient', { field:field, recipients:recipients });
     }
 
@@ -4001,6 +4289,8 @@
     if (result) {
       // update internal format flag
       $("input[name='_is_html']").val(props.html ? 1 : 0);
+      // enable encrypted compose toggle
+      this.enable_command('compose-encrypted', !props.html);
     }
 
     return result;
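Review bot: `this.enable_command('compose-encrypted', !props.html)` turns the command on whenever the editor switches to plain text, without the `window.mailvelope` check that `mailvelope_init` applies, while `compose_encrypted` calls `mailvelope.createEditorContainer` directly. Whether a UI control can reach the command when the extension is absent is not visible here, but the guard is cheap: `this.enable_command('compose-encrypted', !props.html && !!window.mailvelope);`. The enclosing function starts outside this hunk.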
@@ -4030,7 +4320,7 @@
       '<textarea name="text" id="ffresponsetext" cols="40" rows="8"></textarea></div>' +
       '</form>';
 
-    buttons[this.gettext('save')] = function(e) {
+    buttons[this.get_label('save')] = function(e) {
       var name = $('#ffresponsename').val(),
         text = $('#ffresponsetext').val();
 
@@ -4046,11 +4336,11 @@
       $(this).dialog('close');
     };
 
-    buttons[this.gettext('cancel')] = function() {
+    buttons[this.get_label('cancel')] = function() {
       $(this).dialog('close');
     };
 
-    this.show_popup_dialog(html, this.gettext('newresponse'), buttons, {button_classes: ['mainaction']});
+    this.show_popup_dialog(html, this.get_label('newresponse'), buttons, {button_classes: ['mainaction']});
 
     $('#ffresponsetext').val(text);
     $('#ffresponsename').select();
@@ -4070,10 +4360,10 @@
         .attr('tabindex', '0')
         .html(this.quote_html(response.name))
         .appendTo(li)
-        .mousedown(function(e){
+        .mousedown(function(e) {
           return rcube_event.cancel(e);
         })
-        .bind('mouseup keypress', function(e){
+        .on('mouseup keypress', function(e) {
           if (e.type == 'mouseup' || rcube_event.get_keycode(e) == 13) {
             ref.command('insert-response', $(this).attr('rel'));
             $(document.body).trigger('mouseup');  // hides the menu
@@ -4171,7 +4461,7 @@
     if (!this.local_save_timer && window.localStorage && this.env.save_localstorage) {
       // track typing activity and only save on changes
       this.compose_type_activity = this.compose_type_activity_last = 0;
-      $(document).bind('keypress', function(e){ ref.compose_type_activity++; });
+      $(document).keypress(function(e) { ref.compose_type_activity++; });
 
       this.local_save_timer = setInterval(function(){
         if (ref.compose_type_activity > ref.compose_type_activity_last) {
@@ -4180,7 +4470,7 @@
         }
       }, 5000);
 
-      $(window).unload(function() {
+      $(window).on('unload', function() {
         // remove copy from local storage if compose screen is left after warning
         if (!ref.env.server_error)
           ref.remove_compose_data(ref.env.compose_id);
@@ -4400,7 +4690,7 @@
   };
 
   // upload (attachment) file
-  this.upload_file = function(form, action)
+  this.upload_file = function(form, action, lock)
   {
     if (!form)
       return;
@@ -4442,6 +4732,9 @@
           if (!content.match(/display_message/))
             ref.display_message(ref.get_label('fileuploaderror'), 'error');
           ref.remove_from_attachment_list(e.data.ts);
+
+          if (lock)
+            ref.set_busy(false, null, lock);
         }
         // Opera hack: handle double onload
         if (bw.opera)
@@ -4626,6 +4919,9 @@
     if (filter)
       url._filter = filter;
 
+    if (this.gui_objects.search_interval)
+      url._interval = $(this.gui_objects.search_interval).val();
+
     if (search) {
       url._q = search;
 
@@ -4662,6 +4958,9 @@
     if (this.gui_objects.qsearchbox)
       this.gui_objects.qsearchbox.value = '';
 
+    if (this.gui_objects.search_interval)
+      $(this.gui_objects.search_interval).val('');
+
     if (this.env.qsearch)
       this.abort_request(this.env.qsearch);
 
@@ -4687,6 +4986,20 @@
       if (!this.qsearch(this.gui_objects.qsearchbox.value) && this.env.search_filter && this.env.search_filter != 'ALL')
         this.filter_mailbox(this.env.search_filter);
       if (scope != 'all')
+        this.select_folder(this.env.mailbox, '', true);
+    }
+  };
+
+  this.set_searchinterval = function(interval)
+  {
+    var old = this.env.search_interval;
+    this.env.search_interval = interval;
+
+    // re-send search query with new interval
+    if (interval != old && this.env.search_request) {
+      if (!this.qsearch(this.gui_objects.qsearchbox.value) && this.env.search_filter && this.env.search_filter != 'ALL')
+        this.filter_mailbox(this.env.search_filter);
+      if (interval)
         this.select_folder(this.env.mailbox, '', true);
     }
   };
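Review bot: `set_searchinterval` reads `this.gui_objects.qsearchbox.value` without the `if (this.gui_objects.qsearchbox)` guard that the reset code in the previous hunk uses. It is presumably safe because `this.env.search_request` is only set when a search box exists, but that is not visible here. The new function also has no header comment; something like `// change the search interval and re-send the current search query` would match the one-line comments other functions in this file carry.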
@@ -5263,7 +5576,7 @@
       // add link to pop back to parent group
       if (this.env.address_group_stack.length > 1) {
         $('<a href="#list">...</a>')
-          .attr('title', this.gettext('uponelevel'))
+          .attr('title', this.get_label('uponelevel'))
           .addClass('poplink')
           .appendTo(boxtitle)
           .click(function(e){ return ref.command('popgroup','',this); });
@@ -7369,7 +7682,7 @@
     if (show) {
       // truncate stack down to the one containing the ref link
       for (var i = this.menu_stack.length - 1; stack && i >= 0; i--) {
-        if (!$(ref).parents('#'+this.menu_stack[i]).length)
+        if (!$(ref).parents('#'+this.menu_stack[i]).length && $(event.target).parent().attr('role') != 'menuitem')
           this.hide_menu(this.menu_stack[i], event);
       }
       if (stack && this.menu_stack.length) {
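Review bot: The added condition dereferences `event.target` whenever the first test is true, so a call that reaches this loop without an event object would throw instead of hiding the menu. Whether every caller passes an event is not visible in this hunk. If any does not, `(!event || $(event.target).parent().attr('role') != 'menuitem')` keeps the old behaviour for that case. The enclosing function starts and ends outside the hunk.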
@@ -7587,9 +7900,11 @@
     }
   };
 
-  this.goto_url = function(action, query, lock)
+  this.goto_url = function(action, query, lock, secure)
   {
-    this.redirect(this.url(action, query), lock);
+    var url = this.url(action, query)
+    if (secure) url = this.secure_url(url);
+    this.redirect(url, lock);
   };
 
   this.location_href = function(url, target, frame)
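Review bot: `var url = this.url(action, query)` is missing its terminating semicolon and only works through automatic semicolon insertion; add the `;`. The new `secure` argument is opt-in, so each download or export caller has to pass it explicitly before `secure_url()` is applied. A header comment such as `// redirect to the action URL; when 'secure' is set the URL is first passed through secure_url()` would make that contract visible to callers.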
@@ -7618,8 +7933,11 @@
   };
 
   // send a http request to the server
-  this.http_request = function(action, data, lock)
+  this.http_request = function(action, data, lock, type)
   {
+    if (type != 'POST')
+      type = 'GET';
+
     if (typeof data !== 'object')
       data = rcube_parse_query(data);
 
@@ -7643,60 +7961,26 @@
       }
     }
 
-    var url = this.url(action, data);
-
-    // send request
-    this.log('HTTP GET: ' + url);
+    var url = this.url(action);
 
     // reset keep-alive interval
     this.start_keepalive();
 
+    // send request
     return $.ajax({
-      type: 'GET', url: url, dataType: 'json',
+      type: type, url: url, data: data, dataType: 'json',
       success: function(data) { ref.http_response(data); },
       error: function(o, status, err) { ref.http_error(o, status, err, lock, action); }
     });
   };
 
+  // send a http GET request to the server
+  this.http_get = this.http_request;
+
   // send a http POST request to the server
   this.http_post = function(action, data, lock)
   {
-    if (typeof data !== 'object')
-      data = rcube_parse_query(data);
-
-    data._remote = 1;
-    data._unlock = lock ? lock : 0;
-
-    // trigger plugin hook
-    var result = this.triggerEvent('request'+action, data);
-
-    // abort if one of the handlers returned false
-    if (result === false) {
-      if (data._unlock)
-        this.set_busy(false, null, data._unlock);
-      return false;
-    }
-    else if (result !== undefined) {
-      data = result;
-      if (data._action) {
-        action = data._action;
-        delete data._action;
-      }
-    }
-
-    var url = this.url(action);
-
-    // send request
-    this.log('HTTP POST: ' + url);
-
-    // reset keep-alive interval
-    this.start_keepalive();
-
-    return $.ajax({
-      type: 'POST', url: url, data: data, dataType: 'json',
-      success: function(data){ ref.http_response(data); },
-      error: function(o, status, err) { ref.http_error(o, status, err, lock, action); }
-    });
+    return this.http_request(action, data, lock, 'POST');
   };
 
   // aborts ajax request
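Review bot: `this.http_get = this.http_request` is a plain alias, so `http_get` also accepts the fourth `type` argument and a call such as `http_get(action, data, lock, 'POST')` would send a POST. A thin wrapper pins the method: `this.http_get = function(action, data, lock) { return this.http_request(action, data, lock, 'GET'); };`. Related, the check added in the previous hunk, `if (type != 'POST') type = 'GET';`, is case-sensitive, so a caller passing `'post'` silently gets a GET and its data ends up in the query string. Normalising with `String(type).toUpperCase()` before the comparison would avoid that.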
@@ -7832,7 +8116,7 @@
               }
 
               this.enable_command('set-listmode', this.env.threads && !is_multifolder);
-              if (list.rowcount > 0)
+              if (list.rowcount > 0 && !$(document.activeElement).is('input,textarea'))
                 list.focus();
               this.msglist_select(list);
             }
@@ -7848,7 +8132,7 @@
             this.enable_command('search-create', this.env.source == '');
             this.enable_command('search-delete', this.env.search_id);
             this.update_group_commands();
-            if (this.contact_list.rowcount > 0)
+            if (this.contact_list.rowcount > 0 && !$(document.activeElement).is('input,textarea'))
               this.contact_list.focus();
             this.triggerEvent('listupdate', { folder:this.env.source, rowcount:this.contact_list.rowcount });
           }
@@ -8079,7 +8363,7 @@
     }
 
     // handle upload errors by parsing iframe content in onload
-    frame.bind('load', {ts:ts}, onload);
+    frame.on('load', {ts:ts}, onload);
 
     $(form).attr({
         target: frame_name,
@@ -8101,7 +8385,7 @@
   // html5 file-drop API
   this.document_drag_hover = function(e, over)
   {
-    e.preventDefault();
+    // don't e.preventDefault() here to not block text dragging on the page (#1490619)
     $(this.gui_objects.filedrop)[(over?'addClass':'removeClass')]('active');
   };
 
@@ -8120,21 +8404,39 @@
     this.file_drag_hover(e, false);
 
     // prepare multipart form data composition
-    var files = e.target.files || e.dataTransfer.files,
+    var uri, files = e.target.files || e.dataTransfer.files,
       formdata = window.FormData ? new FormData() : null,
       fieldname = (this.env.filedrop.fieldname || '_file') + (this.env.filedrop.single ? '' : '[]'),
       boundary = '------multipartformboundary' + (new Date).getTime(),
       dashdash = '--', crlf = '\r\n',
-      multipart = dashdash + boundary + crlf;
+      multipart = dashdash + boundary + crlf,
+      args = {_id: this.env.compose_id || this.env.cid || '', _remote: 1, _from: this.env.action};
 
-    if (!files || !files.length)
+    if (!files || !files.length) {
+      // Roundcube attachment, pass its uri to the backend and attach
+      if (uri = e.dataTransfer.getData('roundcube-uri')) {
+        var ts = new Date().getTime(),
+          // jQuery way to escape filename (#1490530)
+          content = $('<span>').text(e.dataTransfer.getData('roundcube-name') || this.get_label('attaching')).html();
+
+        args._uri = uri;
+        args._uploadid = ts;
+
+        // add to attachments list
+        if (!this.add2attachment_list(ts, {name: '', html: content, classname: 'uploading', complete: false}))
+          this.file_upload_id = this.set_busy(true, 'attaching');
+
+        this.http_post(this.env.filedrop.action || 'upload', args);
+      }
       return;
+    }
 
     // inline function to submit the files to the server
     var submit_data = function() {
       var multiple = files.length > 1,
         ts = new Date().getTime(),
-        content = '<span>' + (multiple ? ref.get_label('uploadingmany') : files[0].name) + '</span>';
+        // jQuery way to escape filename (#1490530)
+        content = $('<span>').text(multiple ? ref.get_label('uploadingmany') : files[0].name).html();
 
       // add to attachments list
       if (!ref.add2attachment_list(ts, { name:'', html:content, classname:'uploading', complete:false }))
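Review bot: The `roundcube-uri` value read in `if (uri = e.dataTransfer.getData('roundcube-uri'))` is forwarded to the backend as `args._uri` with no client-side check, and drag data is set by whatever element the drag started from, so it should be treated as untrusted input. The handler behind `this.env.filedrop.action || 'upload'` is not visible here; it presumably has to confirm that `_uri` refers to an attachment of the current session before fetching it. A comment at the assignment would record that requirement: `// _uri comes from the drag source; the server must validate it before attaching`. The assignment inside the `if` condition would also read more clearly as a separate statement before the test. The enclosing function starts and ends outside the hunk.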
@@ -8143,10 +8445,12 @@
       // complete multipart content and post request
       multipart += dashdash + boundary + dashdash + crlf;
 
+      args._uploadid = ts;
+
       $.ajax({
         type: 'POST',
         dataType: 'json',
-        url: ref.url(ref.env.filedrop.action || 'upload', {_id: ref.env.compose_id||ref.env.cid||'', _uploadid: ts, _remote: 1, _from: ref.env.action}),
+        url: ref.url(ref.env.filedrop.action || 'upload', args),
         contentType: formdata ? false : 'multipart/form-data; boundary=' + boundary,
         processData: false,
         timeout: 0, // disable default timeout set in ajaxSetup()
@@ -8348,8 +8652,20 @@
   // get the IMP mailbox of the message with the given UID
   this.get_message_mailbox = function(uid)
   {
-    var msg = this.env.messages ? this.env.messages[uid] : {};
+    var msg = (this.env.messages && uid ? this.env.messages[uid] : null) || {};
     return msg.mbox || this.env.mailbox;
+  };
+
+  // build request parameters from single message id (maybe with mailbox name)
+  this.params_from_uid = function(uid, params)
+  {
+    if (!params)
+      params = {};
+
+    params._uid = String(uid).split('-')[0];
+    params._mbox = this.get_message_mailbox(uid);
+
+    return params;
   };
 
   // gets cursor position
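Review bot: `params_from_uid` stringifies `uid` unconditionally, so a missing uid is sent as the literal `_uid=undefined`, while `get_message_mailbox` in the same hunk now guards against a falsy uid. A guard such as `params._uid = uid ? String(uid).split('-')[0] : '';` would keep the two consistent, assuming an empty `_uid` is what the server expects in that case. The header comment could also say that the passed `params` object is modified in place and returned, and that everything after the first `-` in the id is dropped.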
@@ -8447,14 +8763,10 @@
     if (!this.env.browser_capabilities)
       this.env.browser_capabilities = {};
 
-    if (this.env.browser_capabilities.pdf === undefined)
-      this.env.browser_capabilities.pdf = this.pdf_support_check();
-
-    if (this.env.browser_capabilities.flash === undefined)
-      this.env.browser_capabilities.flash = this.flash_support_check();
-
-    if (this.env.browser_capabilities.tif === undefined)
-      this.tif_support_check();
+    $.each(['pdf', 'flash', 'tif'], function() {
+      if (ref.env.browser_capabilities[this] === undefined)
+        ref.env.browser_capabilities[this] = ref[this + '_support_check']();
+    });
   };
 
   // Returns browser capabilities string
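Review bot: Inside the `$.each` callback `this` is the boxed array element, so `ref.env.browser_capabilities[this]` and `this + '_support_check'` work only through implicit string coercion. Naming the element is clearer: `$.each(['pdf', 'flash', 'tif'], function(i, type) { if (ref.env.browser_capabilities[type] === undefined) ref.env.browser_capabilities[type] = ref[type + '_support_check'](); });`. The enclosing function starts outside the hunk.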
@@ -8473,11 +8785,14 @@
 
   this.tif_support_check = function()
   {
-    var img = new Image();
+    window.setTimeout(function() {
+      var img = new Image();
+      img.onload = function() { ref.env.browser_capabilities.tif = 1; };
+      img.onerror = function() { ref.env.browser_capabilities.tif = 0; };
+      img.src = ref.assets_path('program/resources/blank.tif');
+    }, 10);
 
-    img.onload = function() { ref.env.browser_capabilities.tif = 1; };
-    img.onerror = function() { ref.env.browser_capabilities.tif = 0; };
-    img.src = this.assets_path('program/resources/blank.tif');
+    return 0;
   };
 
   this.pdf_support_check = function()
@@ -8513,6 +8828,14 @@
         return 1;
     }
 
+    window.setTimeout(function() {
+      $('<object>').css({position: 'absolute', left: '-10000px'})
+        .attr({data: ref.assets_path('program/resources/dummy.pdf'), width: 1, height: 1, type: 'application/pdf'})
+        .load(function() { ref.env.browser_capabilities.pdf = 1; })
+        .error(function() { ref.env.browser_capabilities.pdf = 0; })
+        .appendTo($('body'));
+      }, 10);
+
     return 0;
   };
 
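Review bot: The PDF probe uses the `.load()` / `.error()` event shorthands while the rest of this commit moves handlers to `.on()` (for example `$(window).on('unload', ...)`); `.on('load', function() { ... })` and `.on('error', function() { ... })` would be consistent with that. The off-screen `<object>` is also never removed once the result is known, so it stays in the document for the life of the page; calling `$(this).remove();` in both handlers would clean it up. The closing `}, 10);` is indented one level deeper than the opening `window.setTimeout(`. pdf_support_check starts outside the hunk.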

--
Gitblit v1.9.1