Changeset 3293 in subversion
- Timestamp:
- Feb 26, 2010 3:06:48 AM (3 years ago)
- Location:
- trunk/roundcubemail
- Files:
-
- 3 edited
-
CHANGELOG (modified) (1 diff)
-
program/include/rcube_shared.inc (modified) (1 diff)
-
program/steps/mail/get.inc (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/roundcubemail/CHANGELOG
r3291 r3293 2 2 =========================== 3 3 4 - Fix CVE-2010-0464: Disable DNS prefetching (#1486449) 4 5 - Fix Received headers to behave better with SpamAssassin (#1486513) 5 6 - Password: Make passwords encoding consistent with core, add 'password_charset' global option (#1486473) -
trunk/roundcubemail/program/include/rcube_shared.inc
r3236 r3293 40 40 header("Cache-Control: private, must-revalidate, post-check=0, pre-check=0"); 41 41 header("Pragma: no-cache"); 42 // Request browser to disable DNS prefetching (CVE-2010-0464) 43 header("X-DNS-Prefetch-Control: off"); 42 44 43 45 // We need to set the following headers to make downloads work using IE in HTTPS mode. -
trunk/roundcubemail/program/steps/mail/get.inc
r2979 r3293 42 42 } 43 43 44 send_nocacheing_headers(); 44 45 45 46 // show part page … … 67 68 $browser = new rcube_browser; 68 69 69 send_nocacheing_headers();70 71 70 // send download headers 72 71 if ($_GET['_download']) {
Note: See TracChangeset
for help on using the changeset viewer.
