From cff4856da2907ef23503e13e437a8e0e684123b7 Mon Sep 17 00:00:00 2001 From: Aleksandr Kliushenok Date: Sun, 9 Apr 2017 10:59:58 +0300 Subject: [PATCH 01/15] Update lang.ru.php --- data/web/lang/lang.ru.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/data/web/lang/lang.ru.php b/data/web/lang/lang.ru.php index e2502b83..e82c0971 100644 --- a/data/web/lang/lang.ru.php +++ b/data/web/lang/lang.ru.php @@ -130,9 +130,9 @@ $lang['user']['week'] = "неделя"; $lang['user']['weeks'] = "недели"; $lang['user']['spamfilter'] = "Спам-фильтр"; $lang['user']['spamfilter_wl'] = "Белый список"; -$lang['user']['spamfilter_wl_desc'] = 'Whitelisted email addresses to never classify as spam. Wildcards maybe used.'; +$lang['user']['spamfilter_wl_desc'] = "Белый список адресов электронной почты, позволяет никогда не классифицировать все полученные письма с указанных адресов как спам. Можно добавлять маски адресов."; $lang['user']['spamfilter_bl'] = "Черный список"; -$lang['user']['spamfilter_bl_desc'] = 'Blacklisted email addresses to always classify as spam and reject. Wildcards maybe used.'; +$lang['user']['spamfilter_bl_desc'] = "Черный список адресов электронной почты, позволяет классифицировать все полученные письма с указанных адресов как спам и отклонять их получение. Можно добавлять маски адресов."; $lang['user']['spamfilter_behavior'] = "Рейтинг"; $lang['user']['spamfilter_table_rule'] = "Правила"; $lang['user']['spamfilter_table_action'] = "Действие"; @@ -140,9 +140,9 @@ $lang['user']['spamfilter_table_empty'] = "Нет данных для отобр $lang['user']['spamfilter_table_remove'] = "Удалить"; $lang['user']['spamfilter_table_add'] = "Добавить"; $lang['user']['spamfilter_default_score'] = "Оценки спама"; -$lang['user']['spamfilter_green'] = 'Green: this message is not spam'; -$lang['user']['spamfilter_yellow'] = 'Yellow: this message may be spam, will be tagged as spam and moved to your junk folder'; -$lang['user']['spamfilter_red'] = 'Red: This message is spam and will be rejected by the server'; +$lang['user']['spamfilter_green'] = "Зеленый: это сообщение не является спамом"; +$lang['user']['spamfilter_yellow'] = "Желтый: это сообщение может быть спамом, оно будет помечено как спам и перемещено в папку спам"; +$lang['user']['spamfilter_red'] = "Красный: это сообщение является спамом и не будет принято сервером"; $lang['user']['spamfilter_default_score'] = "Значения по умолчанию"; $lang['user']['spamfilter_hint'] = 'The first value describes the "low spam score", the second represents the "high spam score".'; $lang['user']['spamfilter_table_domain_policy'] = "n/a (domain policy)"; @@ -154,7 +154,7 @@ $lang['user']['no_record'] = "Нет записи"; $lang['user']['misc_settings'] = "Другие настройки профиля"; $lang['user']['misc_delete_profile'] = "Другие настройки профиля"; $lang['user']['tag_handling'] = 'Set handling for tagged mail'; -$lang['user']['tag_in_subfolder'] = "В подпапке"; +$lang['user']['tag_in_subfolder'] = "В подпапку"; $lang['user']['tag_in_subject'] = "В теме"; $lang['user']['tag_help_explain'] = 'In subfolder: a new subfolder named after the tag will be created below INBOX ("INBOX/Facebook").
In subject: the tags name will be prepended to the mails subject, example: "[Facebook] Meine Neuigkeiten".'; @@ -211,7 +211,7 @@ $lang['mailbox']['multiple_bookings'] = 'Multiple bookings'; $lang['mailbox']['kind'] = "Вид"; $lang['mailbox']['description'] = "Описание"; $lang['mailbox']['alias'] = "Псевдоним"; -$lang['mailbox']['resource_name'] = 'Resource name'; +$lang['mailbox']['resource_name'] = "Имя ресурса"; $lang['mailbox']['aliases'] = "Псевдонимы"; $lang['mailbox']['domains'] = "Домены"; $lang['mailbox']['mailboxes'] = "Почтовые ящики"; @@ -221,7 +221,7 @@ $lang['mailbox']['domain_quota'] = "Квота"; $lang['mailbox']['active'] = "Статус"; $lang['mailbox']['action'] = "Действия"; $lang['mailbox']['ratelimit'] = 'Outgoing rate limit/h'; -$lang['mailbox']['backup_mx'] = "Резервный MX"; +$lang['mailbox']['backup_mx'] = "Backup MX"; $lang['mailbox']['domain_aliases'] = "Псевдонимы домена"; $lang['mailbox']['target_domain'] = 'Target domain'; $lang['mailbox']['target_address'] = "Goto address"; @@ -292,7 +292,7 @@ $lang['edit']['description'] = "Описание"; $lang['edit']['max_aliases'] = "Максимум псевдонимов"; $lang['edit']['max_quota'] = "Максимальная квота на почтовый ящик (MiB)"; $lang['edit']['domain_quota'] = "Квота домена"; -$lang['edit']['backup_mx_options'] = "Настройки резервного MX"; +$lang['edit']['backup_mx_options'] = "Backup MX"; $lang['edit']['relay_domain'] = 'Relay domain'; $lang['edit']['relay_all'] = 'Relay all recipients'; $lang['edit']['dkim_signature'] = "DKIM подпись"; @@ -306,7 +306,7 @@ $lang['edit']['dkim_txt_name'] = "Имя TXT записи"; $lang['edit']['dkim_txt_value'] = "Значение TXT записи"; $lang['edit']['previous'] = "Предыдущая страница"; $lang['edit']['unchanged_if_empty'] = "Если без изменений, оставьте поле пустым"; -$lang['edit']['dont_check_sender_acl'] = "Disable sender check for domain %s + alias domains"; +$lang['edit']['dont_check_sender_acl'] = "Отключить проверку отправителя для домена %s + псевдонимы домена"; $lang['edit']['multiple_bookings'] = 'Multiple bookings'; $lang['edit']['kind'] = "Вид"; $lang['edit']['resource'] = "Ресурс"; @@ -332,7 +332,7 @@ $lang['add']['resource_name'] = "Имя ресурса"; $lang['add']['max_mailboxes'] = "Максимум почтовых ящиков"; $lang['add']['mailbox_quota_m'] = "Максимальная квота на почтовый ящик (MiB)"; $lang['add']['domain_quota_m'] = "Общая квота домена (MiB)"; -$lang['add']['backup_mx_options'] = "Настройки резервного MX"; +$lang['add']['backup_mx_options'] = "Backup MX"; $lang['add']['relay_all'] = "Relay all recipients"; $lang['add']['relay_domain'] = "Relay this domain"; $lang['add']['relay_all_info'] = 'If you choose not to relay all recipients, you will need to add a ("blind") mailbox for every single recipient that should be relayed.'; From 10e0c10532eaff84c315944ffe7952cf2c44299a Mon Sep 17 00:00:00 2001 From: Kupfer Date: Mon, 10 Apr 2017 15:09:31 +0200 Subject: [PATCH 02/15] Update lang_de and spelling for lang_en --- data/web/lang/lang.de.php | 26 +++++++++++++------------- data/web/lang/lang.en.php | 8 ++++---- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/data/web/lang/lang.de.php b/data/web/lang/lang.de.php index eef252e9..077882d1 100644 --- a/data/web/lang/lang.de.php +++ b/data/web/lang/lang.de.php @@ -321,8 +321,8 @@ $lang['add']['hostname'] = 'Servername'; $lang['add']['port'] = 'Port'; $lang['add']['username'] = 'Benutzername'; $lang['add']['enc_method'] = 'Verschlüsselungsmethode'; -$lang['add']['maxage'] = 'Maximum age of messages that will be polled from remote (0 = ignore age)'; -$lang['add']['subfolder2'] = 'Sync into subfolder on destination'; +$lang['add']['maxage'] = 'Maximales Alter von Nachrichten, welche vom Remote abgefragt werden (0 = Alter ignorieren)'; +$lang['add']['subfolder2'] = 'Synchronisation in Unterordner am Ziel'; $lang['add']['mins_interval'] = 'Abrufintervall (Minuten)'; $lang['add']['exclude'] = 'Elemente ausschließen (Regex)'; $lang['add']['delete2duplicates'] = 'Lösche Duplikate im Ziel'; @@ -376,8 +376,8 @@ $lang['login']['login'] = 'Anmelden'; $lang['login']['previous'] = 'Vorherige Seite'; $lang['login']['delayed'] = 'Login wurde zur Sicherheit um %s Sekunde/n verzögert.'; -$lang['tfa']['tfa'] = "Two-Factor Authentication"; -$lang['tfa']['set_tfa'] = "Konfiguriere Two-Factor Authentication Methode"; +$lang['tfa']['tfa'] = "Zwei-Faktor-Authentifizierung"; +$lang['tfa']['set_tfa'] = "Konfiguriere Zwei-Faktor-Authentifizierungsmethode"; $lang['tfa']['yubi_otp'] = "Yubico OTP Authentifizierung"; $lang['tfa']['key_id'] = "Ein Name für diesen YubiKey"; $lang['tfa']['api_register'] = 'mailcow verwendet die Yubico Cloud API. Ein API-Key für den Yubico Stick kann hier bezogen werden.'; @@ -385,9 +385,9 @@ $lang['tfa']['u2f'] = "U2F Authentifizierung"; $lang['tfa']['hotp'] = "HOTP Authentifizierung"; $lang['tfa']['totp'] = "TOTP Authentifizierung"; $lang['tfa']['none'] = "Deaktiviert"; -$lang['tfa']['delete_tfa'] = "Deaktiviere TFA"; -$lang['tfa']['disable_tfa'] = "Deaktiviere TFA bis zur nächsten erfolgreichen Anmeldung"; -$lang['tfa']['confirm_tfa'] = "Please confirm your one-time password in the below field"; +$lang['tfa']['delete_tfa'] = "Deaktiviere 2FA"; +$lang['tfa']['disable_tfa'] = "Deaktiviere 2FA bis zur nächsten erfolgreichen Anmeldung"; +$lang['tfa']['confirm_tfa'] = "Bitte bestätigen Sie Ihr Einmal-Passwort im unteren Feld"; $lang['tfa']['confirm'] = "Bestätigen"; $lang['tfa']['otp'] = "Einmalpasswort"; $lang['tfa']['trash_login'] = "Login verwerfen"; @@ -396,9 +396,9 @@ $lang['tfa']['waiting_usb_auth'] = "Warte auf USB-Gerät...

Bi $lang['tfa']['waiting_usb_register'] = "Warte auf USB-Gerät...

Bitte zuerst das obere Passwortfeld ausfüllen und erst dann den vorgesehenen Taster des U2F USB-Gerätes berühren."; $lang['admin']['search_domain_da'] = 'Domains durchsuchen'; -$lang['admin']['restrictions'] = 'Postifx Restriktionen'; -$lang['admin']['rr'] = 'Postifx Recipient Restriktionen'; -$lang['admin']['sr'] = 'Postifx Sender Restriktionen'; +$lang['admin']['restrictions'] = 'Postfix Restriktionen'; +$lang['admin']['rr'] = 'Postfix Empfänger Restriktionen'; +$lang['admin']['sr'] = 'Postfix Sender Restriktionen'; $lang['admin']['reset_defaults'] = 'Standard wiederherstellen'; $lang['admin']['r_inactive'] = 'Inaktive Restriktionen'; $lang['admin']['r_active'] = 'Aktive Restriktionen'; @@ -444,9 +444,9 @@ $lang['admin']['unchanged_if_empty'] = 'Unverändert, wenn leer'; $lang['admin']['yes'] = '✔'; $lang['admin']['no'] = '✘'; $lang['admin']['access'] = 'Zugang'; -$lang['admin']['invalid_max_msg_size'] = 'Invalid max. message size'; // NEEDS TRANSLATION -$lang['admin']['site_not_found'] = 'Kann mailcow Site-Konfiguration nicht finden'; -$lang['admin']['public_folder_empty'] = 'Public folder name must not be empty'; // NEEDS TRANSLATION +$lang['admin']['invalid_max_msg_size'] = 'Maximale Nachrichtengröße ungültig'; // NEEDS TRANSLATION +$lang['admin']['site_not_found'] = 'Kann mailcow Seitenkonfiguration nicht finden'; +$lang['admin']['public_folder_empty'] = 'Öffentlicher Ordner-Name darf nicht leer sein'; // NEEDS TRANSLATION $lang['admin']['set_rr_failed'] = 'Kann Postfix Restriktionen nicht setzen'; $lang['admin']['no_record'] = 'Kein Eintrag'; ?> diff --git a/data/web/lang/lang.en.php b/data/web/lang/lang.en.php index a9f2f51c..2e0487b2 100644 --- a/data/web/lang/lang.en.php +++ b/data/web/lang/lang.en.php @@ -400,11 +400,11 @@ $lang['tfa']['waiting_usb_auth'] = "Waiting for USB device...

$lang['tfa']['waiting_usb_register'] = "Waiting for USB device...

Please enter your password above and confirm your U2F registration by tapping the button on your U2F USB device."; $lang['admin']['search_domain_da'] = 'Search domains'; -$lang['admin']['restrictions'] = 'Postifx Restrictions'; -$lang['admin']['rr'] = 'Postifx Recipient Restrictions'; -$lang['admin']['sr'] = 'Postifx Sender Restrictions'; +$lang['admin']['restrictions'] = 'Postfix Restrictions'; +$lang['admin']['rr'] = 'Postfix Recipient Restrictions'; +$lang['admin']['sr'] = 'Postfix Sender Restrictions'; $lang['admin']['reset_defaults'] = 'Reset to defaults'; -$lang['admin']['sr'] = 'Postifx Sender Restrictions'; +$lang['admin']['sr'] = 'Postfix Sender Restrictions'; $lang['admin']['r_inactive'] = 'Inactive restrictions'; $lang['admin']['r_active'] = 'Active restrictions'; $lang['admin']['r_info'] = 'Greyed out/disabled elements on the list of active restrictions are not known as valid restrictions to mailcow and cannot be moved. Unknown restrictions will be set in order of appearance anyway.
You can add new elements in inc/vars.local.inc.php to be able to toggle them.'; From 653b9cd8595196120fd8c40e8319d5a9fe323bd2 Mon Sep 17 00:00:00 2001 From: steigr Date: Fri, 28 Apr 2017 11:42:04 +0200 Subject: [PATCH 03/15] Fix wrong user of DBNAME in docker-entrypoint.sh --- data/Dockerfiles/dovecot/docker-entrypoint.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/data/Dockerfiles/dovecot/docker-entrypoint.sh b/data/Dockerfiles/dovecot/docker-entrypoint.sh index 4a2876d7..a7191306 100755 --- a/data/Dockerfiles/dovecot/docker-entrypoint.sh +++ b/data/Dockerfiles/dovecot/docker-entrypoint.sh @@ -16,7 +16,7 @@ DBPASS=$(echo ${DBPASS} | sed 's/"/\\"/g') # Create quota dict for Dovecot cat < /usr/local/etc/dovecot/sql/dovecot-dict-sql.conf -connect = "host=mysql dbname=${DBNAME} user=${DBNAME} password=${DBPASS}" +connect = "host=mysql dbname=${DBNAME} user=${DBUSER} password=${DBPASS}" map { pattern = priv/quota/storage table = quota2 @@ -34,7 +34,7 @@ EOF # Create user and pass dict for Dovecot cat < /usr/local/etc/dovecot/sql/dovecot-mysql.conf driver = mysql -connect = "host=mysql dbname=${DBNAME} user=${DBNAME} password=${DBPASS}" +connect = "host=mysql dbname=${DBNAME} user=${DBUSER} password=${DBPASS}" default_pass_scheme = SSHA256 password_query = SELECT password FROM mailbox WHERE username = '%u' AND domain IN (SELECT domain FROM domain WHERE domain='%d' AND active='1') user_query = SELECT CONCAT('maildir:/var/vmail/',maildir) AS mail, 5000 AS uid, 5000 AS gid, concat('*:bytes=', quota) AS quota_rule FROM mailbox WHERE username = '%u' AND active = '1' From 748e7b65e4a317c1f66b408d8bde0390a1825892 Mon Sep 17 00:00:00 2001 From: andryyy Date: Mon, 1 May 2017 21:24:55 +0200 Subject: [PATCH 04/15] Move docs to own repo --- docs/first_steps.md | 301 ------------------------ docs/images/logo.svg | 179 --------------- docs/index.md | 53 ----- docs/install.md | 126 ---------- docs/u_and_e.md | 536 ------------------------------------------- 5 files changed, 1195 deletions(-) delete mode 100644 docs/first_steps.md delete mode 100644 docs/images/logo.svg delete mode 100644 docs/index.md delete mode 100644 docs/install.md delete mode 100644 docs/u_and_e.md diff --git a/docs/first_steps.md b/docs/first_steps.md deleted file mode 100644 index cba908e5..00000000 --- a/docs/first_steps.md +++ /dev/null @@ -1,301 +0,0 @@ -## SSL (and: How to use Let's Encrypt) - -mailcow dockerized comes with a snakeoil CA "mailcow" and a server certificate in `data/assets/ssl`. Please use your own trusted certificates. - -mailcow uses 3 domain names that should be covered by your new certificate: - -- ${MAILCOW_HOSTNAME} -- autodiscover.**example.org** -- autoconfig.**example.org** - -### Obtain multi-SAN certificate by Let's Encrypt - -This is just an example of how to obtain certificates with certbot. There are several methods! - -1\. Get the certbot client: -``` bash -wget https://dl.eff.org/certbot-auto -O /usr/local/sbin/certbot && chmod +x /usr/local/sbin/certbot -``` - -2\. Make sure you set `HTTP_BIND=0.0.0.0` and `HTTP_PORT=80` in `mailcow.conf` or setup a reverse proxy to enable connections to port 80. If you changed HTTP_BIND, then rebuild Nginx: -``` bash -docker-compose up -d -``` - -3\. Request the certificate with the webroot method: -``` bash -cd /path/to/git/clone/mailcow-dockerized -source mailcow.conf -certbot certonly \ - --webroot \ - -w ${PWD}/data/web \ - -d ${MAILCOW_HOSTNAME} \ - -d autodiscover.example.org \ - -d autoconfig.example.org \ - --email you@example.org \ - --agree-tos -``` - -**Remember to replace the example.org domain with your own domain, this command will not work if you dont.** - -4\. Create hard links to the full path of the new certificates. Assuming you are still in the mailcow root folder: -``` bash -mv data/assets/ssl/cert.{pem,pem.backup} -mv data/assets/ssl/key.{pem,pem.backup} -ln $(readlink -f /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/fullchain.pem) data/assets/ssl/cert.pem -ln $(readlink -f /etc/letsencrypt/live/${MAILCOW_HOSTNAME}/privkey.pem) data/assets/ssl/key.pem -``` - -5\. Restart affected containers: -``` -docker-compose restart postfix-mailcow dovecot-mailcow nginx-mailcow -``` - -When renewing certificates, run the last two steps (link + restart) as post-hook in a script. - -## Rspamd Web UI -At first you may want to setup Rspamds web interface which provides some useful features and information. - -1\. Generate a Rspamd controller password hash: -``` -docker-compose exec rspamd-mailcow rspamadm pw -``` - -2\. Replace the default hash in `data/conf/rspamd/override.d/worker-controller.inc` by your newly generated: -``` -enable_password = "myhash"; -``` - -You can use `password = "myhash";` instead of `enable_password` to disable write-access in the web UI. - -3\. Restart rspamd: -``` -docker-compose restart rspamd-mailcow -``` - -Open https://${MAILCOW_HOSTNAME}/rspamd in a browser and login! - -## Optional: Reverse proxy - -You don't need to change the Nginx site that comes with mailcow: dockerized. -mailcow: dockerized trusts the default gateway IP 172.22.1.1 as proxy. This is very important to control access to Rspamd's web UI. - -1\. Make sure you change HTTP_BIND and HTTPS_BIND in `mailcow.conf` to a local address and set the ports accordingly, for example: -``` bash -HTTP_BIND=127.0.0.1 -HTTP_PORT=8080 -HTTPS_PORT=127.0.0.1 -HTTPS_PORT=8443 -``` -** IMPORTANT: Do not use port 8081 ** - -Recreate affected containers by running `docker-compose up -d`. - -2\. Configure your local webserver as reverse proxy: - -### Apache 2.4 -``` apache - - ServerName mail.example.org - ServerAlias autodiscover.example.org - ServerAlias autoconfig.example.org - - [...] - # You should proxy to a plain HTTP session to offload SSL processing - ProxyPass / http://127.0.0.1:8080/ - ProxyPassReverse / http://127.0.0.1:8080/ - ProxyPreserveHost Off - your-ssl-configuration-here - [...] - - # If you plan to proxy to a HTTPS host: - #SSLProxyEngine On - - # If you plan to proxy to an untrusted HTTPS host: - #SSLProxyVerify none - #SSLProxyCheckPeerCN off - #SSLProxyCheckPeerName off - #SSLProxyCheckPeerExpire off - -``` - -### Nginx -``` -server { - listen 443; - server_name mail.example.org autodiscover.example.org autoconfig.example.org; - - [...] - your-ssl-configuration-here - location / { - proxy_pass http://127.0.0.1:8080/; - proxy_redirect http://127.0.0.1:8080/ $scheme://$host:$server_port/; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } - [...] -} -``` - -## Optional: Setup a relayhost - -Insert these lines to `data/conf/postfix/main.cf`. "relayhost" does already exist (empty), just change its value. -``` -relayhost = [your-relayhost]:587 -smtp_sasl_password_maps = hash:/opt/postfix/conf/smarthost_passwd -smtp_sasl_auth_enable = yes -``` - -Create the credentials file: -``` -echo "your-relayhost username:password" > data/conf/postfix/smarthost_passwd -``` - -Run: -``` -docker-compose exec postfix-mailcow postmap /opt/postfix/conf/smarthost_passwd -docker-compose exec postfix-mailcow chown root:postfix /opt/postfix/conf/smarthost_passwd /opt/postfix/conf/smarthost_passwd.db -docker-compose exec postfix-mailcow chmod 660 /opt/postfix/conf/smarthost_passwd /opt/postfix/conf/smarthost_passwd.db -docker-compose exec postfix-mailcow postfix reload -``` - -### Helper script - -There is a helper script `mailcow-setup-relayhost.sh` you can run to setup a relayhost. - -``` bash -Usage: - -Setup a relayhost: -./mailcow-setup-relayhost.sh relayhost port (username) (password) -Username and password are optional parameters. - -Reset to defaults: -./mailcow-setup-relayhost.sh reset -``` - -## Optional: Log to Syslog - -Enable Rsyslog to receive logs on 524/tcp: - -``` -# This setting depends on your Rsyslog version and configuration format. -# For most Debian derivates it will work like this... -$ModLoad imtcp -$TCPServerAddress 127.0.0.1 -$InputTCPServerRun 524 - -# ...while for Ubuntu 16.04 it looks like this: -module(load="imtcp") -input(type="imtcp" address="127.0.0.1" port="524") - -# No matter your Rsyslog version, you should set this option to off -# if you plan to use Fail2ban -$RepeatedMsgReduction off -``` - -Restart rsyslog after enabling the TCP listener. - -Now setup Docker daemon to start with the syslog driver. -This enables the syslog driver for all containers! - -Debian users can change the startup configuration in `/etc/default/docker` while CentOS users find it in `/etc/sysconfig/docker`: -``` -... -DOCKER_OPTS="--log-driver=syslog --log-opt syslog-address=tcp://127.0.0.1:524" -... -``` - -**Caution:** For some reason Ubuntu 16.04 and some, but not all, systemd based distros do not read the defaults file parameters. - -Just run `systemctl edit docker.service` and add the following content to fix it. - -**Note:** If "systemctl edit" is not available, just copy the content to `/etc/systemd/system/docker.service.d/override.conf`. - -The first empty ExecStart parameter is not a mistake. - -``` -[Service] -EnvironmentFile=/etc/default/docker -ExecStart= -ExecStart=/usr/bin/docker daemon -H fd:// $DOCKER_OPTS -``` - -Restart the Docker daemon and run `docker-compose down && docker-compose up -d` to recreate the containers. - -### Use Fail2ban - -**This is a subsection of "Log to Syslog", which is required for Fail2ban to work.** - -Open `/etc/fail2ban/filter.d/common.conf` and search for the prefix_line parameter, change it to ".*": - -``` -__prefix_line = .* -``` - -Create `/etc/fail2ban/jail.d/dovecot.conf`... -``` -[dovecot] -enabled = true -filter = dovecot -logpath = /var/log/syslog -chain = FORWARD -``` - -and `jail.d/postfix-sasl.conf`: -``` -[postfix-sasl] -enabled = true -filter = postfix-sasl -logpath = /var/log/syslog -chain = FORWARD -``` - -Restart Fail2ban. - -## Install a local MTA - -The easiest option would be to disable the listener on port 25/tcp. - -**Postfix** users disable the listener by commenting the following line (starting with `smtp` or `25`) in `/etc/postfix/master.cf`: -``` -#smtp inet n - - - - smtpd -``` -Restart Postfix after applying your changes. - -## Sender and receiver model - -When a mailbox is created, a user is allowed to send mail from and receive mail for his own mailbox address. - - Mailbox me@example.org is created. example.org is a primary domain. - Note: a mailbox cannot be created in an alias domain. - - me@example.org is only known as me@example.org. - me@example.org is allowed to send as me@example.org. - -We can add an alias domain for example.org: - - Alias domain alias.com is added and assigned to primary domain example.org. - me@example.org is now known as me@example.org and me@alias.com. - me@example.org is now allowed to send as me@example.org and me@alias.com. - -We can add aliases for a mailbox to receive mail for and to send from this new address. - -It is important to know, that you are not able to receive mail for `my-alias@my-alias-domain.tld`. You would need to create this particular alias. - - me@example.org is assigned the alias alias@example.org - me@example.org is now known as alias@example.org, me@alias.com, alias@example.org - - me@example.org is NOT known as alias@alias.com. - -Administrators and domain administrators can edit mailboxes to allow specific users to send as other mailbox users ("delegate" them). - -You can choose between mailbox users or completely disable the sender check for domains. - -### SOGo "mail from" addresses - -Mailbox users can, obviously, select their own mailbox address, as well as all alias addresses and aliases that exist through alias domains. - -If you want to select another _existing_ mailbox user as your "mail from" address, this user has to delegate you access through SOGo (see SOGo documentation). Moreover a mailcow (domain) administrator -needs to grant you access as described above. diff --git a/docs/images/logo.svg b/docs/images/logo.svg deleted file mode 100644 index ea3b2796..00000000 --- a/docs/images/logo.svg +++ /dev/null @@ -1,179 +0,0 @@ - - - -image/svg+xml \ No newline at end of file diff --git a/docs/index.md b/docs/index.md deleted file mode 100644 index c48e0d17..00000000 --- a/docs/index.md +++ /dev/null @@ -1,53 +0,0 @@ -# mailcow: dockerized - 🐮 + 🐋 = 💕 - -[![Servercow](https://www.servercow.de/img/cow_globe_200.svg)](https://www.servercow.de) - -If you want to support mailcow, consider hosting mailcow on a Servercow virtual machine @ Servercow! - -## Screenshots - -You can find screenshots [on Imgur](http://imgur.com/a/oewYt). - -## Overview - -mailcow dockerized comes with **12 containers** linked in **one bridged network**. -Each container represents a single application. - -- Dovecot -- ClamAV -- Memcached -- Redis -- MySQL -- Bind9 (Resolver) (formerly PDNS Recursor) -- PHP-FPM -- Postfix -- Nginx -- Rmilter -- Rspamd -- SOGo - -**7 volumes** to keep dynamic data - take care of them! - -- vmail-vol-1 -- dkim-vol-1 -- redis-vol-1 -- mysql-vol-1 -- rspamd-vol-1 -- postfix-vol-1 -- crypt-vol-1 - -The integrated **mailcow UI** allows administrative work on your mail server instance as well as separated domain administrator and mailbox user access: - -- DKIM key management -- Black- and whitelists per domain and per user -- Spam score managment per-user (reject spam, mark spam, greylist) -- Allow mailbox users to create temporary spam aliases -- Prepend mail tags to subject or move mail to subfolder (per-user) -- Allow mailbox users to toggle incoming and outgoing TLS enforcement -- Allow users to reset SOGo ActiveSync device caches -- imapsync to migrate or pull remote mailboxes regularly -- TFA: Yubi OTP and U2F USB (Google Chrome and derivates only) -- Add domains, mailboxes, aliases, domain aliases and SOGo resources -- Add whitelisted hosts to forward mail to mailcow - -*[Looking for a farm to host your cow?](https://www.servercow.de)* diff --git a/docs/install.md b/docs/install.md deleted file mode 100644 index b9322f00..00000000 --- a/docs/install.md +++ /dev/null @@ -1,126 +0,0 @@ -## Install mailcow - -**WARNING**: Please use Ubuntu 16.04 instead of Debian 8 or [switch to the kernel 4.9 from jessie backports](https://packages.debian.org/jessie-backports/linux-image-amd64) because there is a bug (kernel panic) with the kernel 3.16 when running docker containers with healthchecks! Full details here: [github.com/docker/docker/issues/30402](https://github.com/docker/docker/issues/30402) and [forum.mailcow.email/t/solved-mailcow-docker-causes-kernel-panic-edit/448](https://forum.mailcow.email/t/solved-mailcow-docker-causes-kernel-panic-edit/448) - -You need Docker and Docker Compose. - -1\. Learn how to install [Docker](https://docs.docker.com/engine/installation/linux/) and [Docker Compose](https://docs.docker.com/compose/install/). - -Quick installation for most operation systems: - -- Docker -``` -curl -sSL https://get.docker.com/ | sh -``` - -- Docker-Compose -``` -curl -L https://github.com/docker/compose/releases/download/$(curl -Ls https://www.servercow.de/docker-compose/latest.php)/docker-compose-$(uname -s)-$(uname -m) > /usr/local/bin/docker-compose -chmod +x /usr/local/bin/docker-compose -``` - -Please use the latest Docker engine available and do not use the engine that ships with your distros repository. - -2\. Clone the master branch of the repository -``` -git clone https://github.com/andryyy/mailcow-dockerized && cd mailcow-dockerized -``` - -3\. Generate a configuration file. Use a FQDN (`host.domain.tld`) as hostname when asked. -``` -./generate_config.sh -``` - -4\. Change configuration if you want or need to. -``` -nano mailcow.conf -``` -If you plan to use a reverse proxy, you can, for example, bind HTTPS to 127.0.0.1 on port 8443 and HTTP to 127.0.0.1 on port 8080. - -You may need to stop an existing pre-installed MTA which blocks port 25/tcp. See [this chapter](https://andryyy.github.io/mailcow-dockerized/first_steps/#install-a-local-mta) to learn how to reconfigure Postfix to run besides mailcow after a successful installation. - -5\. Pull the images and run the composer file. The paramter `-d` will start mailcow: dockerized detached: -``` -docker-compose pull -docker-compose up -d -``` - -Done! - -You can now access **https://${MAILCOW_HOSTNAME}** with the default credentials `admin` + password `moohoo`. - -The database will be initialized right after a connection to MySQL can be established. - -## Update mailcow - -There is no update routine. You need to refresh your pulled repository clone and apply your local changes (if any). Actually there are many ways to merge local changes. - -### Step 1, method 1 -Stash all local changes, pull changes from the remote master branch and apply your stash on top of it. You will most likely see warnings about non-commited changes; you can ignore them: - -``` -# Stash local changes -git stash -# Re-pull master -git pull -# Apply stash and remove it -git stash pop -``` - -### Step 1, method 2 -Fetch new data from GitHub, commit changes and merge remote repository: - -``` -# Get updates/changes -git fetch -# Add all changed files to local clone -git add -A -# Commit changes, ignore git complaining about username and mail address -git commit -m "Local config aat $(date)" -# Merge changes -git merge -``` - -If git complains about conflicts, solve them! Example: -``` -CONFLICT (content): Merge conflict in data/web/index.php -``` - -Open `data/web/index.php`, solve the conflict, close the file and run `git add -A` + `git commit -m "Solved conflict"`. - -### Step 1, method 3 - -Thanks to fabreg @ GitHub! - -In case both methods do not work (for many reason like you're unable to fix the CONFLICTS or any other reasons) you can simply start all over again. - -Keep in mind that all local changes _to configuration files_ will be lost. However, your volumes will not be removed. - -- Copy mailcow.conf somewhere outside the mailcow-dockerized directory -- Stop and remove mailcow containers: `docker-compose down` -- Delete the directory or rename it -- Clone the remote repository again (`git clone https://github.com/andryyy/mailcow-dockerized && cd mailcow-dockerized`). **Pay attention** to this step - the folder must have the same name of the previous one! -- Copy back your previous `mailcow.conf` into the mailcow-dockerizd folder - -If you forgot to stop Docker before deleting the cloned directoy, you can use the following commands: -``` -docker stop $(docker ps -a -q) -docker rm $(docker ps -a -q) -``` - -### Step 2 - -Pull new images (if any) and recreate changed containers: - -``` -docker-compose pull -docker-compose up -d --remove-orphans -``` - -### Step 3 -Clean-up dangling (unused) images and volumes: - -``` -docker rmi -f $(docker images -f "dangling=true" -q) -docker volume rm $(docker volume ls -qf dangling=true) -``` diff --git a/docs/u_and_e.md b/docs/u_and_e.md deleted file mode 100644 index d61b81eb..00000000 --- a/docs/u_and_e.md +++ /dev/null @@ -1,536 +0,0 @@ -## mailcow UI configuration - -Several configuration parameters of the mailcow UI can be changed by creating a file `data/web/inc/vars.local.inc.php` which overrides defaults settings found in `data/web/inc/vars.inc.php`. - -The local configuration file is persistent over updates of mailcow. Try not to change values inside `data/web/inc/vars.inc.php`, but use them as template for the local override. - -mailcow UI configuration parameters can be to... - -- ...change the default language* -- ...change the default bootstrap theme -- ...set a password complexity regex -- ...add mailcow app buttons to the login screen -- ...set a pagination trigger -- ...set action after submitting forms (stay in form, return to previous page) - -\* To change SOGos default language, you will need to edit `data/conf/sogo/sogo.conf` and replace "English" by your preferred language. - -## Anonymize headers - -Save as `data/conf/postfix/mailcow_anonymize_headers.pcre`: - -``` -/^\s*Received:[^\)]+\)\s+\(Authenticated sender:(.+)/ - REPLACE Received: from localhost (localhost [127.0.0.1]) (Authenticated sender:$1 -/^\s*User-Agent/ IGNORE -/^\s*X-Enigmail/ IGNORE -/^\s*X-Mailer/ IGNORE -/^\s*X-Originating-IP/ IGNORE -/^\s*X-Forward/ IGNORE -``` - -Add this to `data/conf/postfix/main.cf`: -``` -smtp_header_checks = pcre:/opt/postfix/conf/mailcow_anonymize_headers.pcre -``` - -## Backup and restore maildir (simple tar file) - -### Backup - -This line backups the vmail directory to a file backup_vmail.tar.gz in the mailcow root directory: -``` -cd /path/to/mailcow-dockerized -source mailcow.conf -DATE=$(date +"%Y%m%d_%H%M%S") -docker run --rm -it -v $(docker inspect --format '{{ range .Mounts }}{{ if eq .Destination "/var/vmail" }}{{ .Name }}{{ end }}{{ end }}' $(docker-compose ps -q dovecot-mailcow)):/vmail -v ${PWD}:/backup debian:jessie tar cvfz /backup/backup_vmail.tar.gz /vmail -``` - -You can change the path by adjusting ${PWD} (which equals to the current directory) to any path you have write-access to. -Set the filename `backup_vmail.tar.gz` to any custom name, but leave the path as it is. Example: `[...] tar cvfz /backup/my_own_filename_.tar.gz` - -### Restore -``` -cd /path/to/mailcow-dockerized -source mailcow.conf -DATE=$(date +"%Y%m%d_%H%M%S") -docker run --rm -it -v $(docker inspect --format '{{ range .Mounts }}{{ if eq .Destination "/var/vmail" }}{{ .Name }}{{ end }}{{ end }}' $(docker-compose ps -q dovecot-mailcow)):/vmail -v ${PWD}:/backup debian:jessie tar xvfz /backup/backup_vmail.tar.gz -``` - -## Docker Compose Bash completion - -For the tab-tab... :-) - -``` -curl -L https://raw.githubusercontent.com/docker/compose/$(docker-compose version --short)/contrib/completion/bash/docker-compose -o /etc/bash_completion.d/docker-compose -``` -## Black and Whitelist - -Edit a domain as (domain) administrator to add an item to the filter table. - -Beware that a mailbox user can login to mailcow and override a domain policy filter item. - -## Customize Dockerfiles - -Make your changes in `data/Dockerfiles/$service` and build the image locally: - -``` -docker build data/Dockerfiles/service -t mailcow/$service -``` - -Now auto-recreate modified containers: - -``` -docker-compose up -d -``` - -## Disable sender addresses verification - -This option is not best-practice and should only be implemented when there is no other option available to archive whatever you are trying to do. - -Simply create a file `data/conf/postfix/check_sasl_access` and enter the following content. This user must exist in your installation and needs to authenticate before sending mail. -``` -user-to-allow-everything@example.com OK -``` - -Open `data/conf/postfix/main.cf` and find `smtpd_sender_restrictions`. Prepend `check_sasl_access hash:/opt/postfix/conf/check_sasl_access` like this: -``` -smtpd_sender_restrictions = check_sasl_access hash:/opt/postfix/conf/check_sasl_access reject_authenticated_sender_login_mismatch [...] -``` - -Run postmap on check_sasl_access: - -``` -docker-compose exec postfix-mailcow postmap /opt/postfix/conf/check_sasl_access -``` - -Restart the Postfix container. - -## Install Roundcube - -Download Roundcube 1.3.x (beta at the time of Feb 2017) to the web htdocs directory and extract it (here `rc/`): -``` -cd data/web/rc -wget -O - https://github.com/roundcube/roundcubemail/releases/download/1.3-beta/roundcubemail-1.3-beta-complete.tar.gz | tar xfvz - -# Change folder name -mv roundcubemail-1.3* rc -# Change permissions -chown -R root: rc/ -``` - -Create a file `data/web/rc/config/config.inc.php` with the following content. - -**Change the `des_key` parameter to a random value.** It is used to temporarily store your IMAP password. - -``` - array('verify_peer' => false, 'verify_peer_name' => false, 'allow_self_signed' => true) -); -$config['enable_installer'] = false; -$config['smtp_conn_options'] = array( -'ssl' => array('verify_peer' => false, 'verify_peer_name' => false, 'allow_self_signed' => true) -); -``` - -Point your browser to `https://myserver/rc/installer` and follow the instructions. -Initialize the database and leave the installer. - -**Delete the directory `data/web/rc/installer` after a successful installation!** - -### Enable change password function in Roundcube - -Open `data/web/rc/config/config.inc.php` and enable the password plugin: - -``` -... -$config['plugins'] = array( - 'archive', - 'password', -); -... -``` - -Open `data/web/rc/plugins/password/password.php`, search for `case 'ssha':` and add above: - -``` - case 'ssha256': - $salt = rcube_utils::random_bytes(8); - $crypted = base64_encode( hash('sha256', $password . $salt, TRUE ) . $salt ); - $prefix = '{SSHA256}'; - break; -``` - -Open `data/web/rc/plugins/password/config.inc.php` and change the following parameters (or add them at the bottom of that file): - -``` -$config['password_driver'] = 'sql'; -$config['password_algorithm'] = 'ssha256'; -$config['password_algorithm_prefix'] = '{SSHA256}'; -$config['password_query'] = "UPDATE mailbox SET password = %P WHERE username = %u"; -``` - -## MySQL - -### Connect -``` -source mailcow.conf -docker-compose exec mysql-mailcow mysql -u${DBUSER} -p${DBPASS} ${DBNAME} -``` - -### Backup -``` -cd /path/to/mailcow-dockerized -source mailcow.conf -DATE=$(date +"%Y%m%d_%H%M%S") -docker-compose exec mysql-mailcow mysqldump --default-character-set=utf8mb4 -u${DBUSER} -p${DBPASS} ${DBNAME} > backup_${DBNAME}_${DATE}.sql -``` - -### Restore -``` -cd /path/to/mailcow-dockerized -source mailcow.conf -docker-compose exec mysql-mailcow mysql -u${DBUSER} -p${DBPASS} ${DBNAME} < backup_file.sql -``` - -### Reset MySQL passwords - -Stop the stack by running `docker-compose stop`. - -When the containers came to a stop, run this command: - -``` -docker-compose run --rm --entrypoint '/bin/sh -c "gosu mysql mysqld --skip-grant-tables & sleep 10 && mysql -hlocalhost -uroot && exit 0"' mysql-mailcow -``` - -**1\. Find database name** - -``` -MariaDB [(none)]> show databases; -+--------------------+ -| Database | -+--------------------+ -| information_schema | -| mailcow_database | <===== -| mysql | -| performance_schema | -+--------------------+ -4 rows in set (0.00 sec) -``` - -**2\. Reset one or more users** - -Both "password" and "authentication_string" exist. Currently "password" is used, but better set both. - -``` -MariaDB [(none)]> SELECT user FROM mysql.user; -+--------------+ -| user | -+--------------+ -| mailcow_user | <===== -| root | -+--------------+ -2 rows in set (0.00 sec) - -MariaDB [(none)]> FLUSH PRIVILEGES; -MariaDB [(none)]> UPDATE mysql.user SET authentication_string = PASSWORD('gotr00t'), password = PASSWORD('gotr00t') WHERE User = 'root' AND Host = '%'; -MariaDB [(none)]> UPDATE mysql.user SET authentication_string = PASSWORD('mookuh'), password = PASSWORD('mookuh') WHERE User = 'mailcow' AND Host = '%'; -MariaDB [(none)]> FLUSH PRIVILEGES; -``` - -## Debugging - -You can use `docker-compose logs $service-name` for all containers. - -Run `docker-compose logs` for all logs at once. - -Follow the log output by running docker-compose with `logs -f`. - -Limit the output by calling logs with `--tail=300` like `docker-compose logs --tail=300 mysql-mailcow`. - -## Redirect port 80 to 443 - -Since February the 28th 2017 mailcow does come with port 80 and 443 enabled. - -Open `mailcow.conf` and set `HTTP_BIND=0.0.0.0`. - -Open `data/conf/nginx/site.conf` and add a new "catch-all" site at the top of that file: - -``` -server { - listen 80 default_server; - include /etc/nginx/conf.d/server_name.active; - return 301 https://$host$request_uri; -} -``` - -Restart the stack, changed containers will be updated: - -`docker-compose up -d` - -## Redis - -### Client - -``` -docker-compose exec redis-mailcow redis-cli -``` - -## Remove persistent data - -- Remove volume `mysql-vol-1` to remove all MySQL data. -- Remove volume `redis-vol-1` to remove all Redis data. -- Remove volume `vmail-vol-1` to remove all contents of `/var/vmail` mounted to `dovecot-mailcow`. -- Remove volume `dkim-vol-1` to remove all DKIM keys. -- Remove volume `rspamd-vol-1` to remove all Rspamd data. - -Running `docker-compose down -v` will **destroy all mailcow: dockerized volumes** and delete any related containers. - -## Reset admin password -Reset mailcow admin to `admin:moohoo`: - -``` -cd mailcow_path -bash reset_admin.sh -``` - -## Rspamd - -### Learn spam and ham - -Rspamd learns mail as spam or ham when you move a message in or out of the junk folder to any mailbox besides trash. -This is archived by using the Dovecot plugin "antispam" and a simple parser script. - -Rspamd also auto-learns mail when a high or low score is detected (see https://rspamd.com/doc/configuration/statistic.html#autolearning) - -The bayes statistics are written to Redis as keys `BAYES_HAM` and `BAYES_SPAM`. - -You can also use Rspamd's web ui to learn ham and/or spam. - -### Learn ham or spam from existing directory - -You can use a one-liner to learn mail in plain-text (uncompressed) format: -``` -# Ham -for file in /my/folder/cur/*; do docker exec -i $(docker-compose ps -q rspamd-mailcow) rspamc learn_ham < $file; done -# Spam -for file in /my/folder/.Junk/cur/*; do docker exec -i $(docker-compose ps -q rspamd-mailcow) rspamc learn_spam < $file; done -``` - -Consider attaching a local folder as new volume to `rspamd-mailcow` in `docker-compose.yml` and learn given files inside the container. This can be used as workaround to parse compressed data with zcat. Example: - -``` -for file in /data/old_mail/.Junk/cur/*; do rspamc learn_spam < zcat $file; done -``` - -### CLI tools - -``` -docker-compose exec rspamd-mailcow rspamc --help -docker-compose exec rspamd-mailcow rspamadm --help -``` - -See [Rspamd documentation](https://rspamd.com/doc/index.html) - -## Adjust service configurations - -The most important configuration files are mounted from the host into the related containers: - -``` -data/conf -├── bind9 -│   └── named.conf -├── dovecot -│   ├── dovecot.conf -│   ├── dovecot-master.passwd -│   ├── sieve_after -│   └── sql -│   ├── dovecot-dict-sql.conf -│   └── dovecot-mysql.conf -├── mysql -│   └── my.cnf -├── nginx -│   ├── dynmaps.conf -│   ├── site.conf -│   └── templates -│   ├── listen_plain.template -│   ├── listen_ssl.template -│   └── server_name.template -├── pdns -│   ├── pdns_custom.lua -│   └── recursor.conf -├── postfix -│   ├── main.cf -│   ├── master.cf -│   ├── postscreen_access.cidr -│   ├── smtp_dsn_filter -│   └── sql -│   ├── mysql_relay_recipient_maps.cf -│   ├── mysql_tls_enforce_in_policy.cf -│   ├── mysql_tls_enforce_out_policy.cf -│   ├── mysql_virtual_alias_domain_catchall_maps.cf -│   ├── mysql_virtual_alias_domain_maps.cf -│   ├── mysql_virtual_alias_maps.cf -│   ├── mysql_virtual_domains_maps.cf -│   ├── mysql_virtual_mailbox_maps.cf -│   ├── mysql_virtual_relay_domain_maps.cf -│   ├── mysql_virtual_sender_acl.cf -│   └── mysql_virtual_spamalias_maps.cf -├── rmilter -│   └── rmilter.conf -├── rspamd -│   ├── dynmaps -│   │   ├── authoritative.php -│   │   ├── settings.php -│   │   ├── tags.php -│   │   └── vars.inc.php -> ../../../web/inc/vars.inc.php -│   ├── local.d -│   │   ├── dkim.conf -│   │   ├── metrics.conf -│   │   ├── options.inc -│   │   ├── redis.conf -│   │   ├── rspamd.conf.local -│   │   └── statistic.conf -│   ├── lua -│   │   └── rspamd.local.lua -│   └── override.d -│   ├── logging.inc -│   ├── worker-controller.inc -│   └── worker-normal.inc -└── sogo - ├── sieve.creds - └── sogo.conf - -``` - -Just change the according configuration file on the host and restart the related service: -``` -docker-compose restart service-mailcow -``` - -## Tagging - -Mailbox users can tag their mail address like in `me+facebook@example.org` and choose between to setups to handle this tag: - -1\. Move this message to a subfolder "facebook" (will be created lower case if not existing) - -2\. Prepend the tag to the subject: "[facebook] Subject" - -## Two-factor authentication - -So far two methods for TFA are implemented. Both work with the fantastic [Yubikey](https://www.yubico.com). - -While Yubi OTP needs an active internet connection and an API ID and key, U2F will work with any FIDO U2F USB key out of the box, but can only be used when mailcow is accessed over HTTPS. - -Both methods support multiple YubiKeys. - -As administrator you are able to temporary disable a domain administrators TFA login until they successfully logged in. - -The key used to login will be displayed in green, while other keys remain grey. - -### Yubi OTP - -The Yubi API ID and Key will be checked against the Yubico Cloud API. When setting up TFA you will be asked for your personal API account for this key. -The API ID, API key and the first 12 characters (your YubiKeys ID in modhex) are stored in the MySQL table as secret. - -### U2F - -Only Google Chrome (+derivates) and Opera support U2F authentication to this day natively. -For Firefox you will need to install the "U2F Support Add-on" as provided on [mozilla.org](https://addons.mozilla.org/en-US/firefox/addon/u2f-support-add-on/). - -U2F works without an internet connection. - -## Portainer - -In order to enable Portainer, the docker-compose.yml and site.conf for nginx must be modified. - -1\. docker-compose.yml: Insert this block for portainer -``` - portainer-mailcow: - image: portainer/portainer - volumes: - - /var/run/docker.sock:/var/run/docker.sock - restart: always - dns: - - 172.22.1.254 - dns_search: mailcow-network - networks: - mailcow-network: - aliases: - - portainer -``` -2a\. data/conf/nginx/site.conf: Just beneath the opening line, at the same level as a server { block, add this: -``` -upstream portainer { - server portainer-mailcow:9000; -} - -map $http_upgrade $connection_upgrade { - default upgrade; - '' close; -} -``` - -2b\. data/conf/nginx/site.conf: Then, inside **both** (ssl and plain) server blocks, add this: -``` - location /portainer/ { - proxy_http_version 1.1; - proxy_set_header Host $http_host; # required for docker client's sake - proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_read_timeout 900; - - proxy_set_header Connection ""; - proxy_buffers 32 4k; - proxy_pass http://portainer/; - } - - location /portainer/api/websocket/ { - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; - proxy_pass http://portainer/api/websocket/; - } -``` - -Now you can simply navigate to https://${MAILCOW_HOSTNAME}/portainer/ to view your Portainer container monitoring page. You’ll then be prompted to specify a new password for the **admin** account. After specifying your password, you’ll then be able to connect to the Portainer UI. - -## Change autodiscover setup type - -This disables ActiveSync in the autodiscover service for Outlook and configures it with IMAP and SMTP instead: - -Open `data/web/autodiscover.php` and set `'useEASforOutlook' => 'yes'` to `'useEASforOutlook' => 'no'`. - -To always use IMAP and SMTP instead of EAS, set `'autodiscoverType' => 'imap'`. - -## Why Bind? - -For DNS blacklist lookups and DNSSEC. - -Most systems use either a public or a local caching DNS resolver. -That's a very bad idea when it comes to filter spam using DNS-based blackhole lists (DNSBL) or similar technics. -Most if not all providers apply a rate limit based on the DNS resolver that is used to query their service. -Using a public resolver like Googles 4x8, OpenDNS or any other shared DNS resolver like your ISPs will hit that limit very soon. From 73be3bb259b7f6f6a53b95bbc4a29a8651d7579d Mon Sep 17 00:00:00 2001 From: andryyy Date: Mon, 1 May 2017 21:36:07 +0200 Subject: [PATCH 05/15] Remove mkdocs.yml, remove unused docs site ignore --- .gitignore | 1 - mkdocs.yml | 25 ------------------------- 2 files changed, 26 deletions(-) delete mode 100644 mkdocs.yml diff --git a/.gitignore b/.gitignore index 6ccd199d..c61097e9 100644 --- a/.gitignore +++ b/.gitignore @@ -8,5 +8,4 @@ data/conf/nginx/server_name.active data/conf/postfix/sql data/conf/dovecot/sql data/web/inc/vars.local.inc.php -site/ data/assets/ssl diff --git a/mkdocs.yml b/mkdocs.yml deleted file mode 100644 index 1ab6bec8..00000000 --- a/mkdocs.yml +++ /dev/null @@ -1,25 +0,0 @@ -site_name: "mailcow: dockerized" -repo_url: https://github.com/andryyy/mailcow-dockerized -remote_branch: gh-pages -theme: material -extra: - social: - - type: 'github' - link: 'https://github.com/andryyy/mailcow-dockerized' - palette: - primary: 'indigo' - accent: 'yellow' - logo: 'images/logo.svg' - -markdown_extensions: - - admonition - - codehilite(guess_lang=true) - - footnotes - - meta - - toc(permalink=true) - -pages: - - 'This is mailcow': 'index.md' - - 'Installation': 'install.md' - - 'First Steps': 'first_steps.md' - - 'Usage & Examples': 'u_and_e.md' From 4ff6f2dbf92902a4ae3066c6948415b253a54f00 Mon Sep 17 00:00:00 2001 From: andryyy Date: Mon, 1 May 2017 21:43:19 +0200 Subject: [PATCH 06/15] Fix readme link --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 025dc825..29857408 100644 --- a/README.md +++ b/README.md @@ -2,4 +2,4 @@ [![Donate](https://img.shields.io/badge/Donate-PayPal-green.svg)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=JWBSYHF4SMC68) -Please see [the official documentation](https://andryyy.github.io/mailcow-dockerized/) for instructions. +Please see [the official documentation](https://mailcow.github.io/mailcow-dockerized-docs/) for instructions. From a46a84a94963c701649882135d3854d44b3605b3 Mon Sep 17 00:00:00 2001 From: andryyy Date: Sun, 14 May 2017 14:26:07 +0200 Subject: [PATCH 07/15] Fix docker-entrypoint, fixes key merging from file to Redis --- data/Dockerfiles/php-fpm/docker-entrypoint.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/data/Dockerfiles/php-fpm/docker-entrypoint.sh b/data/Dockerfiles/php-fpm/docker-entrypoint.sh index 1e4d3fe6..591f6568 100755 --- a/data/Dockerfiles/php-fpm/docker-entrypoint.sh +++ b/data/Dockerfiles/php-fpm/docker-entrypoint.sh @@ -1,7 +1,7 @@ #!/bin/bash set -e -if [[ ! -d "/data/dkim/txt" || ! -d "/data/dkim/keys" ]] ; then mkdir -p /data/dkim/{txt,keys} ; chown -R www-data:www-data /data/dkim; fi +if [[ ! -d "/data/dkim/txt" || ! -d "/data/dkim/keys" ]] ; then mkdir -p /data/dkim/{txt,keys} ; chown -R www-data:www-data /data/dkim; fi if [[ $(stat -c %U /data/dkim/) != "www-data" ]] ; then chown -R www-data:www-data /data/dkim ; fi # Wait for containers @@ -50,7 +50,7 @@ fi for file in $(ls /data/dkim/keys/); do domain=${file%.dkim} if [[ -f /data/dkim/txt/${file} ]]; then - redis-cli -h redis-mailcow HSET DKIM_PUB_KEYS "${domain}" "$(cat /data/dkim/keys/${domain})" + redis-cli -h redis-mailcow HSET DKIM_PUB_KEYS "${domain}" "$(cat /data/dkim/txt/${file})" redis-cli -h redis-mailcow HSET DKIM_PRIV_KEYS "${domain}" "$(cat /data/dkim/keys/${file})" redis-cli -h redis-mailcow HSET DKIM_SELECTORS "${domain}" "dkim.${domain}" fi From e6b6ca7f2dae55b85d1112da7ef2cd6d6c30c5aa Mon Sep 17 00:00:00 2001 From: Michael Kuron Date: Sun, 14 May 2017 17:56:23 +0200 Subject: [PATCH 08/15] ipv6nat: automatically load kernel modules if needed --- docker-compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/docker-compose.yml b/docker-compose.yml index 17f3862b..93a60f92 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -272,6 +272,7 @@ services: network_mode: "host" volumes: - /var/run/docker.sock:/var/run/docker.sock:ro + - /lib/modules:/lib/modules:ro networks: mailcow-network: From e795898b80fabad951f70b25bca5a50062af1961 Mon Sep 17 00:00:00 2001 From: andryyy Date: Sun, 14 May 2017 20:16:43 +0200 Subject: [PATCH 09/15] Fix Redis migration --- data/Dockerfiles/php-fpm/docker-entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/Dockerfiles/php-fpm/docker-entrypoint.sh b/data/Dockerfiles/php-fpm/docker-entrypoint.sh index 591f6568..b973fb75 100755 --- a/data/Dockerfiles/php-fpm/docker-entrypoint.sh +++ b/data/Dockerfiles/php-fpm/docker-entrypoint.sh @@ -52,7 +52,7 @@ for file in $(ls /data/dkim/keys/); do if [[ -f /data/dkim/txt/${file} ]]; then redis-cli -h redis-mailcow HSET DKIM_PUB_KEYS "${domain}" "$(cat /data/dkim/txt/${file})" redis-cli -h redis-mailcow HSET DKIM_PRIV_KEYS "${domain}" "$(cat /data/dkim/keys/${file})" - redis-cli -h redis-mailcow HSET DKIM_SELECTORS "${domain}" "dkim.${domain}" + redis-cli -h redis-mailcow HSET DKIM_SELECTORS "${domain}" "dkim" fi rm /data/dkim/{keys,txt}/${file} done From d06e938d0eee341dae6a8d2e23c38f71b6c88729 Mon Sep 17 00:00:00 2001 From: andryyy Date: Sun, 14 May 2017 21:54:18 +0200 Subject: [PATCH 10/15] Destroy session when invalid, use more compatible js path --- .../inc/lib/vendor/owasp/csrf-protector-php/libs/config.php | 4 ++-- data/web/inc/sessions.inc.php | 6 +++++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/config.php b/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/config.php index b9833d64..3b9254e7 100755 --- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/config.php +++ b/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/config.php @@ -39,9 +39,9 @@ return array( "customErrorMessage" => "", "jsPath" => "../js/csrfprotector.js", // Fetching IS_HTTPS from sessions handler - "jsUrl" => get_trusted_hostname(), + "jsUrl" => "/inc/lib/vendor/owasp/csrf-protector-php/js/csrfprotector.js", "tokenLength" => 10, "secureCookie" => false, "disabledJavascriptMessage" => "", "verifyGetFor" => array() -); \ No newline at end of file +); diff --git a/data/web/inc/sessions.inc.php b/data/web/inc/sessions.inc.php index e6beb485..b6241839 100644 --- a/data/web/inc/sessions.inc.php +++ b/data/web/inc/sessions.inc.php @@ -54,5 +54,9 @@ function session_check() { return true; } if (isset($_SESSION['mailcow_cc_role']) && session_check() === false) { - exit("Invalid session"); + session_regenerate_id(true); + session_unset(); + session_destroy(); + session_write_close(); + header("Location: /"); } From 861ade77ab42f348dc4484491f946091af56115a Mon Sep 17 00:00:00 2001 From: andryyy Date: Sun, 14 May 2017 22:11:12 +0200 Subject: [PATCH 11/15] New Dockerfile --- data/Dockerfiles/php-fpm/Dockerfile | 19 +++++-------------- 1 file changed, 5 insertions(+), 14 deletions(-) diff --git a/data/Dockerfiles/php-fpm/Dockerfile b/data/Dockerfiles/php-fpm/Dockerfile index 0d65040f..224275fa 100644 --- a/data/Dockerfiles/php-fpm/Dockerfile +++ b/data/Dockerfiles/php-fpm/Dockerfile @@ -1,24 +1,15 @@ -FROM php:7.1-fpm +FROM php:7.1-fpm-alpine LABEL maintainer "Andre Peters " ARG DEBIAN_FRONTEND=noninteractive -RUN apt-get update && apt-get install -y \ - g++ \ - libicu-dev \ - libidn11-dev \ - libxml2-dev \ - mysql-client \ - redis-tools \ - zlib1g-dev \ - && rm -rf /var/lib/apt/lists/* - +RUN apk add -U --no-cache libxml2-dev icu-dev icu-libs redis mysql-client bash autoconf g++ make openssl +RUN pecl install redis && pecl clear-cache RUN docker-php-ext-configure intl RUN docker-php-ext-install intl pdo pdo_mysql xmlrpc +RUN docker-php-ext-enable redis RUN pear install channel://pear.php.net/Net_IDNA2-0.1.1 Auth_SASL Net_IMAP NET_SMTP Net_IDNA2 Mail_mime -RUN pecl install -o -f redis \ - && rm -rf /tmp/pear \ - && docker-php-ext-enable redis +RUN apk del autoconf g++ make libxml2-dev icu-dev COPY ./docker-entrypoint.sh / From 82c805d091a3a7ee46598adc7b8afe34be616064 Mon Sep 17 00:00:00 2001 From: andryyy Date: Mon, 15 May 2017 09:29:03 +0200 Subject: [PATCH 12/15] Remove owasp tool --- data/web/inc/lib/composer.json | 3 +- data/web/inc/lib/composer.lock | 42 +- .../lib/vendor/composer/autoload_classmap.php | 8 - .../lib/vendor/composer/autoload_static.php | 8 - .../inc/lib/vendor/composer/installed.json | 38 - .../owasp/csrf-protector-php/.coveralls.yml | 4 - .../owasp/csrf-protector-php/.travis.yml | 46 - .../owasp/csrf-protector-php/composer.json | 14 - .../files/libs/csrf/csrfprotector-php.html | 74 - .../owasp/csrf-protector-php/docs/index.html | 1 - .../csrf-protector-php/docs/index/Files.html | 33 - .../docs/index/Functions.html | 65 - .../docs/index/General.html | 69 - .../docs/index/Variables.html | 41 - .../docs/javascript/main.js | 841 --------- .../docs/javascript/prettify.js | 1526 ----------------- .../docs/javascript/searchdata.js | 122 -- .../docs/search/FilesC.html | 20 - .../docs/search/FunctionsA.html | 20 - .../docs/search/FunctionsC.html | 20 - .../docs/search/FunctionsF.html | 20 - .../docs/search/FunctionsG.html | 20 - .../docs/search/FunctionsI.html | 20 - .../docs/search/FunctionsL.html | 20 - .../docs/search/FunctionsO.html | 20 - .../docs/search/FunctionsR.html | 20 - .../docs/search/FunctionsU.html | 20 - .../docs/search/GeneralA.html | 20 - .../docs/search/GeneralC.html | 20 - .../docs/search/GeneralF.html | 20 - .../docs/search/GeneralG.html | 20 - .../docs/search/GeneralI.html | 20 - .../docs/search/GeneralL.html | 20 - .../docs/search/GeneralO.html | 20 - .../docs/search/GeneralR.html | 20 - .../docs/search/GeneralU.html | 20 - .../docs/search/GeneralV.html | 20 - .../docs/search/NoResults.html | 15 - .../docs/search/VariablesC.html | 20 - .../docs/search/VariablesI.html | 20 - .../docs/search/VariablesR.html | 20 - .../csrf-protector-php/docs/styles/main.css | 824 --------- .../owasp/csrf-protector-php/js/README.md | 15 - .../csrf-protector-php/js/csrfprotector.js | 366 ---- .../owasp/csrf-protector-php/js/index.php | 7 - .../owasp/csrf-protector-php/libs/README.md | 21 - .../owasp/csrf-protector-php/libs/config.php | 47 - .../csrf-protector-php/libs/csrf/README.md | 6 - .../libs/csrf/csrfprotector.php | 536 ------ .../csrf-protector-php/libs/csrf/index.php | 7 - .../owasp/csrf-protector-php/libs/index.php | 7 - .../owasp/csrf-protector-php/licence.md | 13 - .../owasp/csrf-protector-php/log/.htaccess | 1 - .../owasp/csrf-protector-php/log/index.php | 7 - .../owasp/csrf-protector-php/phpunit.xml.dist | 15 - .../vendor/owasp/csrf-protector-php/readme.md | 65 - .../csrf-protector-php/test/config.test.php | 27 - .../test/csrfprotector_test.php | 534 ------ data/web/inc/prerequisites.inc.php | 12 - 59 files changed, 3 insertions(+), 5917 deletions(-) delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/.coveralls.yml delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/.travis.yml delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/composer.json delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/files/libs/csrf/csrfprotector-php.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Files.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Functions.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/General.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Variables.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/main.js delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/prettify.js delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/searchdata.js delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FilesC.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsA.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsC.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsF.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsG.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsI.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsL.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsO.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsR.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsU.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralA.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralC.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralF.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralG.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralI.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralL.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralO.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralR.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralU.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralV.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/NoResults.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesC.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesI.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesR.html delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/styles/main.css delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/js/README.md delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/js/csrfprotector.js delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/js/index.php delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/README.md delete mode 100755 data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/config.php delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/README.md delete mode 100755 data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/csrfprotector.php delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/index.php delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/index.php delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/licence.md delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/log/.htaccess delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/log/index.php delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/phpunit.xml.dist delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/readme.md delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/test/config.test.php delete mode 100644 data/web/inc/lib/vendor/owasp/csrf-protector-php/test/csrfprotector_test.php diff --git a/data/web/inc/lib/composer.json b/data/web/inc/lib/composer.json index 7adb5ca0..d811958b 100644 --- a/data/web/inc/lib/composer.json +++ b/data/web/inc/lib/composer.json @@ -1,7 +1,6 @@ { "require": { "robthree/twofactorauth": "^1.6", - "yubico/u2flib-server": "^1.0", - "owasp/csrf-protector-php": "dev-master" + "yubico/u2flib-server": "^1.0" } } diff --git a/data/web/inc/lib/composer.lock b/data/web/inc/lib/composer.lock index 8e9ac8c2..ad216890 100644 --- a/data/web/inc/lib/composer.lock +++ b/data/web/inc/lib/composer.lock @@ -4,44 +4,8 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "413fc63dc6c7815f0a175217bccb490a", + "content-hash": "5652a086b6d277d72d7ae0341e517b1e", "packages": [ - { - "name": "owasp/csrf-protector-php", - "version": "dev-master", - "source": { - "type": "git", - "url": "https://github.com/mebjas/CSRF-Protector-PHP.git", - "reference": "aec0d6966992363a7192b2ae9fb0a9643e8fa26b" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/mebjas/CSRF-Protector-PHP/zipball/aec0d6966992363a7192b2ae9fb0a9643e8fa26b", - "reference": "aec0d6966992363a7192b2ae9fb0a9643e8fa26b", - "shasum": "" - }, - "require-dev": { - "satooshi/php-coveralls": "~1.0" - }, - "type": "library", - "autoload": { - "classmap": [ - "libs/csrf/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "APACHE" - ], - "description": "CSRF protector php, a standalone php library for csrf mitigation in web applications. Easy to integrate in any php web app.", - "homepage": "https://github.com/mebjas/CSRF-Protector-PHP", - "keywords": [ - "csrf", - "owasp", - "security" - ], - "time": "2017-04-12T05:47:07+00:00" - }, { "name": "robthree/twofactorauth", "version": "1.6", @@ -132,9 +96,7 @@ "packages-dev": [], "aliases": [], "minimum-stability": "stable", - "stability-flags": { - "owasp/csrf-protector-php": 20 - }, + "stability-flags": [], "prefer-stable": false, "prefer-lowest": false, "platform": [], diff --git a/data/web/inc/lib/vendor/composer/autoload_classmap.php b/data/web/inc/lib/vendor/composer/autoload_classmap.php index b62afd4e..44393069 100644 --- a/data/web/inc/lib/vendor/composer/autoload_classmap.php +++ b/data/web/inc/lib/vendor/composer/autoload_classmap.php @@ -6,14 +6,6 @@ $vendorDir = dirname(dirname(__FILE__)); $baseDir = dirname($vendorDir); return array( - 'alreadyInitializedException' => $vendorDir . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php', - 'baseJSFileNotFoundExceptio' => $vendorDir . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php', - 'configFileNotFoundException' => $vendorDir . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php', - 'csrfProtector' => $vendorDir . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php', - 'incompleteConfigurationException' => $vendorDir . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php', - 'jsFileNotFoundException' => $vendorDir . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php', - 'logDirectoryNotFoundException' => $vendorDir . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php', - 'logFileWriteError' => $vendorDir . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php', 'u2flib_server\\Error' => $vendorDir . '/yubico/u2flib-server/src/u2flib_server/U2F.php', 'u2flib_server\\RegisterRequest' => $vendorDir . '/yubico/u2flib-server/src/u2flib_server/U2F.php', 'u2flib_server\\Registration' => $vendorDir . '/yubico/u2flib-server/src/u2flib_server/U2F.php', diff --git a/data/web/inc/lib/vendor/composer/autoload_static.php b/data/web/inc/lib/vendor/composer/autoload_static.php index d6d62685..5e2dabab 100644 --- a/data/web/inc/lib/vendor/composer/autoload_static.php +++ b/data/web/inc/lib/vendor/composer/autoload_static.php @@ -21,14 +21,6 @@ class ComposerStaticInit873464e4bd965a3168f133248b1b218b ); public static $classMap = array ( - 'alreadyInitializedException' => __DIR__ . '/..' . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php', - 'baseJSFileNotFoundExceptio' => __DIR__ . '/..' . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php', - 'configFileNotFoundException' => __DIR__ . '/..' . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php', - 'csrfProtector' => __DIR__ . '/..' . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php', - 'incompleteConfigurationException' => __DIR__ . '/..' . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php', - 'jsFileNotFoundException' => __DIR__ . '/..' . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php', - 'logDirectoryNotFoundException' => __DIR__ . '/..' . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php', - 'logFileWriteError' => __DIR__ . '/..' . '/owasp/csrf-protector-php/libs/csrf/csrfprotector.php', 'u2flib_server\\Error' => __DIR__ . '/..' . '/yubico/u2flib-server/src/u2flib_server/U2F.php', 'u2flib_server\\RegisterRequest' => __DIR__ . '/..' . '/yubico/u2flib-server/src/u2flib_server/U2F.php', 'u2flib_server\\Registration' => __DIR__ . '/..' . '/yubico/u2flib-server/src/u2flib_server/U2F.php', diff --git a/data/web/inc/lib/vendor/composer/installed.json b/data/web/inc/lib/vendor/composer/installed.json index cd2803e5..33744814 100644 --- a/data/web/inc/lib/vendor/composer/installed.json +++ b/data/web/inc/lib/vendor/composer/installed.json @@ -52,44 +52,6 @@ "tfa" ] }, - { - "name": "owasp/csrf-protector-php", - "version": "dev-master", - "version_normalized": "9999999-dev", - "source": { - "type": "git", - "url": "https://github.com/mebjas/CSRF-Protector-PHP.git", - "reference": "aec0d6966992363a7192b2ae9fb0a9643e8fa26b" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/mebjas/CSRF-Protector-PHP/zipball/aec0d6966992363a7192b2ae9fb0a9643e8fa26b", - "reference": "aec0d6966992363a7192b2ae9fb0a9643e8fa26b", - "shasum": "" - }, - "require-dev": { - "satooshi/php-coveralls": "~1.0" - }, - "time": "2017-04-12T05:47:07+00:00", - "type": "library", - "installation-source": "source", - "autoload": { - "classmap": [ - "libs/csrf/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "APACHE" - ], - "description": "CSRF protector php, a standalone php library for csrf mitigation in web applications. Easy to integrate in any php web app.", - "homepage": "https://github.com/mebjas/CSRF-Protector-PHP", - "keywords": [ - "csrf", - "owasp", - "security" - ] - }, { "name": "yubico/u2flib-server", "version": "1.0.1", diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/.coveralls.yml b/data/web/inc/lib/vendor/owasp/csrf-protector-php/.coveralls.yml deleted file mode 100644 index bc8e74cc..00000000 --- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/.coveralls.yml +++ /dev/null @@ -1,4 +0,0 @@ -service_name: travis-ci -src_dir: ./libs/ -coverage_clover: build/logs/clover.xml -json_path: build/logs/coveralls-upload.json \ No newline at end of file diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/.travis.yml b/data/web/inc/lib/vendor/owasp/csrf-protector-php/.travis.yml deleted file mode 100644 index d5821b24..00000000 --- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/.travis.yml +++ /dev/null @@ -1,46 +0,0 @@ -language: php -php: - - "5.6" - - "5.5" - - "5.4" - - "5.3" - - "7.0" - - "7.1" - - hhvm - - nightly - -matrix: - allow_failures: - - php: nightly - - php: hhvm - -os: - - linux - -install: - # Install composer packages, will also trigger dump-autoload - - composer install --no-interaction - # Install coveralls.phar - - wget -c -nc --retry-connrefused --tries=0 https://github.com/satooshi/php-coveralls/releases/download/v1.0.1/coveralls.phar - - chmod +x coveralls.phar - - php coveralls.phar --version - -before_script: - - mkdir -p build/logs - - ls -al - -script: - - mkdir -p build/logs - - if [ $(phpenv version-name) = 'hhvm' ]; then echo 'xdebug.enable=1' >> /etc/hhvm/php.ini; fi - - phpunit --stderr --coverage-clover build/logs/clover.xml - -after_script: - - php vendor/bin/coveralls -v - -after_success: - - travis_retry php coveralls.phar -v - -cache: - directories: - - vendor - - $HOME/.cache/composer diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/composer.json b/data/web/inc/lib/vendor/owasp/csrf-protector-php/composer.json deleted file mode 100644 index bc7836ba..00000000 --- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/composer.json +++ /dev/null @@ -1,14 +0,0 @@ -{ - "name": "owasp/csrf-protector-php", - "type": "library", - "description": "CSRF protector php, a standalone php library for csrf mitigation in web applications. Easy to integrate in any php web app.", - "keywords": ["security","csrf", "owasp"], - "homepage": "https://github.com/mebjas/CSRF-Protector-PHP", - "license": "APACHE", - "require-dev": { - "satooshi/php-coveralls": "~1.0" - }, - "autoload": { - "classmap": ["libs/csrf/"] - } -} diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/files/libs/csrf/csrfprotector-php.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/files/libs/csrf/csrfprotector-php.html deleted file mode 100644 index a6eeb437..00000000 --- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/files/libs/csrf/csrfprotector-php.html +++ /dev/null @@ -1,74 +0,0 @@ - - -/Users/minhazav/github/CSRF-Protector-PHP/libs/csrf/csrfprotector.php - - - - - - - - - -

csrfprotector.php

Summary
csrfprotector.php
Variables
$cookieExpiryTimeexpiry time for cookie @var int
$isSameOriginflag for cross origin/same origin request @var bool
$isValidHTMLflag to check if output file is a valid HTML or not @var bool
$requestTypeVaraible to store weather request type is post or get @var string
$configconfig file for CSRFProtector @var int Array, length = 6 Property: #1: failedAuthAction (int) => action to be taken in case autherisation fails Property: #2: logDirectory (string) => directory in which log will be saved Property: #3: customErrorMessage (string) => custom error message to be sent in case of failed authentication Property: #4: jsFile (string) => location of the CSRFProtector js file Property: #5: tokenLength (int) => default length of hash Property: #6: disabledJavascriptMessage (string) => error message if client’s js is disabled
Functions
initfunction to initialise the csrfProtector work flow
useCachedVersionfunction to check weather to use cached version of js file or not
createNewJsCacheFunction to create new cache version of js
authorisePostfunction to authorise incoming post requests
failedValidationActionfunction to be called in case of failed validation performs logging and take appropriate action
refreshTokenFunction to set auth cookie
generateAuthTokenfunction to generate random hash of length as given in parameter max length = 128
ob_handlerRewrites <form> on the fly to add CSRF tokens to them.
logCSRFattackFunctio to log CSRF Attack
getCurrentUrlFunction to return current url of executing page
isURLallowedFunction to check if a url mataches for any urls Listed in config file
- -

Variables

- -

$cookieExpiryTime

public static $cookieExpiryTime

expiry time for cookie @var int

- -

$isSameOrigin

private static $isSameOrigin

flag for cross origin/same origin request @var bool

- -

$isValidHTML

private static $isValidHTML

flag to check if output file is a valid HTML or not @var bool

- -

$requestType

protected static $requestType

Varaible to store weather request type is post or get @var string

- -

$config

public static $config

config file for CSRFProtector @var int Array, length = 6 Property: #1: failedAuthAction (int) => action to be taken in case autherisation fails Property: #2: logDirectory (string) => directory in which log will be saved Property: #3: customErrorMessage (string) => custom error message to be sent in case of failed authentication Property: #4: jsFile (string) => location of the CSRFProtector js file Property: #5: tokenLength (int) => default length of hash Property: #6: disabledJavascriptMessage (string) => error message if client’s js is disabled

- -

Functions

- -

init

public static function init($length =  null,
$action =  null)

function to initialise the csrfProtector work flow

Parameters

$lengthlength of CSRF_AUTH_TOKEN to be generated
$actionint array, for different actions to be taken in case of failed validation

Returns

void

Throws

configFileNotFoundExceptionwhen configuration file is not found
- -

useCachedVersion

public static function useCachedVersion()

function to check weather to use cached version of js file or not

Parameters

void

Returns

bool -- true if cacheversion can be used -- false otherwise

- -

createNewJsCache

public static function createNewJsCache()

Function to create new cache version of js

Parameters

void

Returns

void

Throws

baseJSFileNotFoundExceptioif baseJsFile is not found
- -

authorisePost

public static function authorisePost()

function to authorise incoming post requests

Parameters

void

Returns

void

Throws

logDirectoryNotFoundExceptionif log directory is not found
- -

failedValidationAction

private static function failedValidationAction()

function to be called in case of failed validation performs logging and take appropriate action

Parameters

void

Returns

void

- -

refreshToken

public static function refreshToken()

Function to set auth cookie

Parameters

void

Returns

void

- -

generateAuthToken

public static function generateAuthToken()

function to generate random hash of length as given in parameter max length = 128

Parameters

length to hash required, int

Returns

string, token

- -

ob_handler

public static function ob_handler($buffer,
$flags)

Rewrites <form> on the fly to add CSRF tokens to them.  This can also inject our JavaScript library.

Parameters

$bufferoutput buffer to which all output are stored
$flagINT

Return

string, complete output buffer

- -

logCSRFattack

private static function logCSRFattack()

Functio to log CSRF Attack

Parameters

void

Retruns

void

Throws

logFileWriteErrorif unable to log an attack
- -

getCurrentUrl

private static function getCurrentUrl()

Function to return current url of executing page

Parameters

void

Returns

stringcurrent url
- -

isURLallowed

public static function isURLallowed()

Function to check if a url mataches for any urls Listed in config file

Parameters

void

Returns

booleantrue is url need no validation, false if validation needed
- -
- - - - - - - - - - -
public static $cookieExpiryTime
expiry time for cookie @var int
private static $isSameOrigin
flag for cross origin/same origin request @var bool
private static $isValidHTML
flag to check if output file is a valid HTML or not @var bool
protected static $requestType
Varaible to store weather request type is post or get @var string
public static $config
config file for CSRFProtector @var int Array, length = 6 Property: #1: failedAuthAction (int) => action to be taken in case autherisation fails Property: #2: logDirectory (string) => directory in which log will be saved Property: #3: customErrorMessage (string) => custom error message to be sent in case of failed authentication Property: #4: jsFile (string) => location of the CSRFProtector js file Property: #5: tokenLength (int) => default length of hash Property: #6: disabledJavascriptMessage (string) => error message if client’s js is disabled
public static function init($length =  null,
$action =  null)
function to initialise the csrfProtector work flow
public static function useCachedVersion()
function to check weather to use cached version of js file or not
public static function createNewJsCache()
Function to create new cache version of js
public static function authorisePost()
function to authorise incoming post requests
private static function failedValidationAction()
function to be called in case of failed validation performs logging and take appropriate action
public static function refreshToken()
Function to set auth cookie
public static function generateAuthToken()
function to generate random hash of length as given in parameter max length = 128
public static function ob_handler($buffer,
$flags)
Rewrites form on the fly to add CSRF tokens to them.
private static function logCSRFattack()
Functio to log CSRF Attack
private static function getCurrentUrl()
Function to return current url of executing page
public static function isURLallowed()
Function to check if a url mataches for any urls Listed in config file
- - - - - - - - \ No newline at end of file diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index.html deleted file mode 100644 index c42fb024..00000000 --- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index.html +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Files.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Files.html deleted file mode 100644 index a984415a..00000000 --- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Files.html +++ /dev/null @@ -1,33 +0,0 @@ - - -File Index - - - - - - - - - -
File Index
$#! · 0-9 · A · B · C · D · E · F · G · H · I · J · K · L · M · N · O · P · Q · R · S · T · U · V · W · X · Y · Z
C
 csrfprotector.php
- - - -
- - - - - - - - - - - - \ No newline at end of file diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Functions.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Functions.html deleted file mode 100644 index 7a5a0f31..00000000 --- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Functions.html +++ /dev/null @@ -1,65 +0,0 @@ - - -Function Index - - - - - - - - - -
Function Index
$#! · 0-9 · A · B · C · D · E · F · G · H · I · J · K · L · M · N · O · P · Q · R · S · T · U · V · W · X · Y · Z
A
 authorisePost
C
 createNewJsCache
F
 failedValidationAction
G
 generateAuthToken
 getCurrentUrl
I
 init
 isURLallowed
L
 logCSRFattack
O
 ob_handler
R
 refreshToken
U
 useCachedVersion
- -
public static function authorisePost()
function to authorise incoming post requests
- - - -
public static function createNewJsCache()
Function to create new cache version of js
- - - -
private static function failedValidationAction()
function to be called in case of failed validation performs logging and take appropriate action
- - - -
public static function generateAuthToken()
function to generate random hash of length as given in parameter max length = 128
private static function getCurrentUrl()
Function to return current url of executing page
- - - -
public static function init($length =  null,
$action =  null)
function to initialise the csrfProtector work flow
public static function isURLallowed()
Function to check if a url mataches for any urls Listed in config file
- - - -
private static function logCSRFattack()
Functio to log CSRF Attack
- - - -
public static function ob_handler($buffer,
$flags)
Rewrites form on the fly to add CSRF tokens to them.
- - - -
public static function refreshToken()
Function to set auth cookie
- - - -
public static function useCachedVersion()
function to check weather to use cached version of js file or not
- -
- - - - - - - - - - - - \ No newline at end of file diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/General.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/General.html deleted file mode 100644 index adc327a6..00000000 --- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/General.html +++ /dev/null @@ -1,69 +0,0 @@ - - -Index - - - - - - - - - -
Index
$#! · 0-9 · A · B · C · D · E · F · G · H · I · J · K · L · M · N · O · P · Q · R · S · T · U · V · W · X · Y · Z
A
 authorisePost
C
$config
$cookieExpiryTime
 createNewJsCache
 csrfprotector.php
F
 failedValidationAction
 Functions
G
 generateAuthToken
 getCurrentUrl
I
 init
$isSameOrigin
 isURLallowed
$isValidHTML
L
 logCSRFattack
O
 ob_handler
R
 refreshToken
$requestType
U
 useCachedVersion
V
 Variables
- -
public static function authorisePost()
function to authorise incoming post requests
- - - -
public static $config
config file for CSRFProtector @var int Array, length = 6 Property: #1: failedAuthAction (int) => action to be taken in case autherisation fails Property: #2: logDirectory (string) => directory in which log will be saved Property: #3: customErrorMessage (string) => custom error message to be sent in case of failed authentication Property: #4: jsFile (string) => location of the CSRFProtector js file Property: #5: tokenLength (int) => default length of hash Property: #6: disabledJavascriptMessage (string) => error message if client’s js is disabled
public static $cookieExpiryTime
expiry time for cookie @var int
public static function createNewJsCache()
Function to create new cache version of js
- - - -
private static function failedValidationAction()
function to be called in case of failed validation performs logging and take appropriate action
- - - -
public static function generateAuthToken()
function to generate random hash of length as given in parameter max length = 128
private static function getCurrentUrl()
Function to return current url of executing page
- - - -
public static function init($length =  null,
$action =  null)
function to initialise the csrfProtector work flow
private static $isSameOrigin
flag for cross origin/same origin request @var bool
public static function isURLallowed()
Function to check if a url mataches for any urls Listed in config file
private static $isValidHTML
flag to check if output file is a valid HTML or not @var bool
- - - -
private static function logCSRFattack()
Functio to log CSRF Attack
- - - -
public static function ob_handler($buffer,
$flags)
Rewrites form on the fly to add CSRF tokens to them.
- - - -
public static function refreshToken()
Function to set auth cookie
protected static $requestType
Varaible to store weather request type is post or get @var string
- - - -
public static function useCachedVersion()
function to check weather to use cached version of js file or not
- - - - - -
- - - - - - - - - - - - \ No newline at end of file diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Variables.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Variables.html deleted file mode 100644 index 14fccdfb..00000000 --- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/index/Variables.html +++ /dev/null @@ -1,41 +0,0 @@ - - -Variable Index - - - - - - - - - -
Variable Index
$#! · 0-9 · A · B · C · D · E · F · G · H · I · J · K · L · M · N · O · P · Q · R · S · T · U · V · W · X · Y · Z
C
$config
$cookieExpiryTime
I
$isSameOrigin
$isValidHTML
R
$requestType
- -
public static $config
config file for CSRFProtector @var int Array, length = 6 Property: #1: failedAuthAction (int) => action to be taken in case autherisation fails Property: #2: logDirectory (string) => directory in which log will be saved Property: #3: customErrorMessage (string) => custom error message to be sent in case of failed authentication Property: #4: jsFile (string) => location of the CSRFProtector js file Property: #5: tokenLength (int) => default length of hash Property: #6: disabledJavascriptMessage (string) => error message if client’s js is disabled
public static $cookieExpiryTime
expiry time for cookie @var int
- - - -
private static $isSameOrigin
flag for cross origin/same origin request @var bool
private static $isValidHTML
flag to check if output file is a valid HTML or not @var bool
- - - -
protected static $requestType
Varaible to store weather request type is post or get @var string
- -
- - - - - - - - - - - - \ No newline at end of file diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/main.js b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/main.js deleted file mode 100644 index 3f42acde..00000000 --- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/main.js +++ /dev/null @@ -1,841 +0,0 @@ -// This file is part of Natural Docs, which is Copyright 2003-2010 Greg Valure -// Natural Docs is licensed under version 3 of the GNU Affero General Public License (AGPL) -// Refer to License.txt for the complete details - -// This file may be distributed with documentation files generated by Natural Docs. -// Such documentation is not covered by Natural Docs' copyright and licensing, -// and may have its own copyright and distribution terms as decided by its author. - - -// -// Browser Styles -// ____________________________________________________________________________ - -var agt=navigator.userAgent.toLowerCase(); -var browserType; -var browserVer; - -if (agt.indexOf("opera") != -1) - { - browserType = "Opera"; - - if (agt.indexOf("opera 7") != -1 || agt.indexOf("opera/7") != -1) - { browserVer = "Opera7"; } - else if (agt.indexOf("opera 8") != -1 || agt.indexOf("opera/8") != -1) - { browserVer = "Opera8"; } - else if (agt.indexOf("opera 9") != -1 || agt.indexOf("opera/9") != -1) - { browserVer = "Opera9"; } - } - -else if (agt.indexOf("applewebkit") != -1) - { - browserType = "Safari"; - - if (agt.indexOf("version/3") != -1) - { browserVer = "Safari3"; } - else if (agt.indexOf("safari/4") != -1) - { browserVer = "Safari2"; } - } - -else if (agt.indexOf("khtml") != -1) - { - browserType = "Konqueror"; - } - -else if (agt.indexOf("msie") != -1) - { - browserType = "IE"; - - if (agt.indexOf("msie 6") != -1) - { browserVer = "IE6"; } - else if (agt.indexOf("msie 7") != -1) - { browserVer = "IE7"; } - } - -else if (agt.indexOf("gecko") != -1) - { - browserType = "Firefox"; - - if (agt.indexOf("rv:1.7") != -1) - { browserVer = "Firefox1"; } - else if (agt.indexOf("rv:1.8)") != -1 || agt.indexOf("rv:1.8.0") != -1) - { browserVer = "Firefox15"; } - else if (agt.indexOf("rv:1.8.1") != -1) - { browserVer = "Firefox2"; } - } - - -// -// Support Functions -// ____________________________________________________________________________ - - -function GetXPosition(item) - { - var position = 0; - - if (item.offsetWidth != null) - { - while (item != document.body && item != null) - { - position += item.offsetLeft; - item = item.offsetParent; - }; - }; - - return position; - }; - - -function GetYPosition(item) - { - var position = 0; - - if (item.offsetWidth != null) - { - while (item != document.body && item != null) - { - position += item.offsetTop; - item = item.offsetParent; - }; - }; - - return position; - }; - - -function MoveToPosition(item, x, y) - { - // Opera 5 chokes on the px extension, so it can use the Microsoft one instead. - - if (item.style.left != null) - { - item.style.left = x + "px"; - item.style.top = y + "px"; - } - else if (item.style.pixelLeft != null) - { - item.style.pixelLeft = x; - item.style.pixelTop = y; - }; - }; - - -// -// Menu -// ____________________________________________________________________________ - - -function ToggleMenu(id) - { - if (!window.document.getElementById) - { return; }; - - var display = window.document.getElementById(id).style.display; - - if (display == "none") - { display = "block"; } - else - { display = "none"; } - - window.document.getElementById(id).style.display = display; - } - -function HideAllBut(ids, max) - { - if (document.getElementById) - { - ids.sort( function(a,b) { return a - b; } ); - var number = 1; - - while (number < max) - { - if (ids.length > 0 && number == ids[0]) - { ids.shift(); } - else - { - document.getElementById("MGroupContent" + number).style.display = "none"; - }; - - number++; - }; - }; - } - - -// -// Tooltips -// ____________________________________________________________________________ - - -var tooltipTimer = 0; - -function ShowTip(event, tooltipID, linkID) - { - if (tooltipTimer) - { clearTimeout(tooltipTimer); }; - - var docX = event.clientX + window.pageXOffset; - var docY = event.clientY + window.pageYOffset; - - var showCommand = "ReallyShowTip('" + tooltipID + "', '" + linkID + "', " + docX + ", " + docY + ")"; - - tooltipTimer = setTimeout(showCommand, 1000); - } - -function ReallyShowTip(tooltipID, linkID, docX, docY) - { - tooltipTimer = 0; - - var tooltip; - var link; - - if (document.getElementById) - { - tooltip = document.getElementById(tooltipID); - link = document.getElementById(linkID); - } -/* else if (document.all) - { - tooltip = eval("document.all['" + tooltipID + "']"); - link = eval("document.all['" + linkID + "']"); - } -*/ - if (tooltip) - { - var left = GetXPosition(link); - var top = GetYPosition(link); - top += link.offsetHeight; - - - // The fallback method is to use the mouse X and Y relative to the document. We use a separate if and test if its a number - // in case some browser snuck through the above if statement but didn't support everything. - - if (!isFinite(top) || top == 0) - { - left = docX; - top = docY; - } - - // Some spacing to get it out from under the cursor. - - top += 10; - - // Make sure the tooltip doesnt get smushed by being too close to the edge, or in some browsers, go off the edge of the - // page. We do it here because Konqueror does get offsetWidth right even if it doesnt get the positioning right. - - if (tooltip.offsetWidth != null) - { - var width = tooltip.offsetWidth; - var docWidth = document.body.clientWidth; - - if (left + width > docWidth) - { left = docWidth - width - 1; } - - // If there's a horizontal scroll bar we could go past zero because it's using the page width, not the window width. - if (left < 0) - { left = 0; }; - } - - MoveToPosition(tooltip, left, top); - tooltip.style.visibility = "visible"; - } - } - -function HideTip(tooltipID) - { - if (tooltipTimer) - { - clearTimeout(tooltipTimer); - tooltipTimer = 0; - } - - var tooltip; - - if (document.getElementById) - { tooltip = document.getElementById(tooltipID); } - else if (document.all) - { tooltip = eval("document.all['" + tooltipID + "']"); } - - if (tooltip) - { tooltip.style.visibility = "hidden"; } - } - - -// -// Blockquote fix for IE -// ____________________________________________________________________________ - - -function NDOnLoad() - { - if (browserVer == "IE6") - { - var scrollboxes = document.getElementsByTagName('blockquote'); - - if (scrollboxes.item(0)) - { - NDDoResize(); - window.onresize=NDOnResize; - }; - }; - }; - - -var resizeTimer = 0; - -function NDOnResize() - { - if (resizeTimer != 0) - { clearTimeout(resizeTimer); }; - - resizeTimer = setTimeout(NDDoResize, 250); - }; - - -function NDDoResize() - { - var scrollboxes = document.getElementsByTagName('blockquote'); - - var i; - var item; - - i = 0; - while (item = scrollboxes.item(i)) - { - item.style.width = 100; - i++; - }; - - i = 0; - while (item = scrollboxes.item(i)) - { - item.style.width = item.parentNode.offsetWidth; - i++; - }; - - clearTimeout(resizeTimer); - resizeTimer = 0; - } - - - -/* ________________________________________________________________________________________________________ - - Class: SearchPanel - ________________________________________________________________________________________________________ - - A class handling everything associated with the search panel. - - Parameters: - - name - The name of the global variable that will be storing this instance. Is needed to be able to set timeouts. - mode - The mode the search is going to work in. Pass CommandLineOption()>, so the - value will be something like "HTML" or "FramedHTML". - - ________________________________________________________________________________________________________ -*/ - - -function SearchPanel(name, mode, resultsPath) - { - if (!name || !mode || !resultsPath) - { alert("Incorrect parameters to SearchPanel."); }; - - - // Group: Variables - // ________________________________________________________________________ - - /* - var: name - The name of the global variable that will be storing this instance of the class. - */ - this.name = name; - - /* - var: mode - The mode the search is going to work in, such as "HTML" or "FramedHTML". - */ - this.mode = mode; - - /* - var: resultsPath - The relative path from the current HTML page to the results page directory. - */ - this.resultsPath = resultsPath; - - /* - var: keyTimeout - The timeout used between a keystroke and when a search is performed. - */ - this.keyTimeout = 0; - - /* - var: keyTimeoutLength - The length of in thousandths of a second. - */ - this.keyTimeoutLength = 500; - - /* - var: lastSearchValue - The last search string executed, or an empty string if none. - */ - this.lastSearchValue = ""; - - /* - var: lastResultsPage - The last results page. The value is only relevant if is set. - */ - this.lastResultsPage = ""; - - /* - var: deactivateTimeout - - The timeout used between when a control is deactivated and when the entire panel is deactivated. Is necessary - because a control may be deactivated in favor of another control in the same panel, in which case it should stay - active. - */ - this.deactivateTimout = 0; - - /* - var: deactivateTimeoutLength - The length of in thousandths of a second. - */ - this.deactivateTimeoutLength = 200; - - - - - // Group: DOM Elements - // ________________________________________________________________________ - - - // Function: DOMSearchField - this.DOMSearchField = function() - { return document.getElementById("MSearchField"); }; - - // Function: DOMSearchType - this.DOMSearchType = function() - { return document.getElementById("MSearchType"); }; - - // Function: DOMPopupSearchResults - this.DOMPopupSearchResults = function() - { return document.getElementById("MSearchResults"); }; - - // Function: DOMPopupSearchResultsWindow - this.DOMPopupSearchResultsWindow = function() - { return document.getElementById("MSearchResultsWindow"); }; - - // Function: DOMSearchPanel - this.DOMSearchPanel = function() - { return document.getElementById("MSearchPanel"); }; - - - - - // Group: Event Handlers - // ________________________________________________________________________ - - - /* - Function: OnSearchFieldFocus - Called when focus is added or removed from the search field. - */ - this.OnSearchFieldFocus = function(isActive) - { - this.Activate(isActive); - }; - - - /* - Function: OnSearchFieldChange - Called when the content of the search field is changed. - */ - this.OnSearchFieldChange = function() - { - if (this.keyTimeout) - { - clearTimeout(this.keyTimeout); - this.keyTimeout = 0; - }; - - var searchValue = this.DOMSearchField().value.replace(/ +/g, ""); - - if (searchValue != this.lastSearchValue) - { - if (searchValue != "") - { - this.keyTimeout = setTimeout(this.name + ".Search()", this.keyTimeoutLength); - } - else - { - if (this.mode == "HTML") - { this.DOMPopupSearchResultsWindow().style.display = "none"; }; - this.lastSearchValue = ""; - }; - }; - }; - - - /* - Function: OnSearchTypeFocus - Called when focus is added or removed from the search type. - */ - this.OnSearchTypeFocus = function(isActive) - { - this.Activate(isActive); - }; - - - /* - Function: OnSearchTypeChange - Called when the search type is changed. - */ - this.OnSearchTypeChange = function() - { - var searchValue = this.DOMSearchField().value.replace(/ +/g, ""); - - if (searchValue != "") - { - this.Search(); - }; - }; - - - - // Group: Action Functions - // ________________________________________________________________________ - - - /* - Function: CloseResultsWindow - Closes the results window. - */ - this.CloseResultsWindow = function() - { - this.DOMPopupSearchResultsWindow().style.display = "none"; - this.Activate(false, true); - }; - - - /* - Function: Search - Performs a search. - */ - this.Search = function() - { - this.keyTimeout = 0; - - var searchValue = this.DOMSearchField().value.replace(/^ +/, ""); - var searchTopic = this.DOMSearchType().value; - - var pageExtension = searchValue.substr(0,1); - - if (pageExtension.match(/^[a-z]/i)) - { pageExtension = pageExtension.toUpperCase(); } - else if (pageExtension.match(/^[0-9]/)) - { pageExtension = 'Numbers'; } - else - { pageExtension = "Symbols"; }; - - var resultsPage; - var resultsPageWithSearch; - var hasResultsPage; - - // indexSectionsWithContent is defined in searchdata.js - if (indexSectionsWithContent[searchTopic][pageExtension] == true) - { - resultsPage = this.resultsPath + '/' + searchTopic + pageExtension + '.html'; - resultsPageWithSearch = resultsPage+'?'+escape(searchValue); - hasResultsPage = true; - } - else - { - resultsPage = this.resultsPath + '/NoResults.html'; - resultsPageWithSearch = resultsPage; - hasResultsPage = false; - }; - - var resultsFrame; - if (this.mode == "HTML") - { resultsFrame = window.frames.MSearchResults; } - else if (this.mode == "FramedHTML") - { resultsFrame = window.top.frames['Content']; }; - - - if (resultsPage != this.lastResultsPage || - - // Bug in IE. If everything becomes hidden in a run, none of them will be able to be reshown in the next for some - // reason. It counts the right number of results, and you can even read the display as "block" after setting it, but it - // just doesn't work in IE 6 or IE 7. So if we're on the right page but the previous search had no results, reload the - // page anyway to get around the bug. - (browserType == "IE" && hasResultsPage && - (!resultsFrame.searchResults || resultsFrame.searchResults.lastMatchCount == 0)) ) - - { - resultsFrame.location.href = resultsPageWithSearch; - } - - // So if the results page is right and there's no IE bug, reperform the search on the existing page. We have to check if there - // are results because NoResults.html doesn't have any JavaScript, and it would be useless to do anything on that page even - // if it did. - else if (hasResultsPage) - { - // We need to check if this exists in case the frame is present but didn't finish loading. - if (resultsFrame.searchResults) - { resultsFrame.searchResults.Search(searchValue); } - - // Otherwise just reload instead of waiting. - else - { resultsFrame.location.href = resultsPageWithSearch; }; - }; - - - var domPopupSearchResultsWindow = this.DOMPopupSearchResultsWindow(); - - if (this.mode == "HTML" && domPopupSearchResultsWindow.style.display != "block") - { - var domSearchType = this.DOMSearchType(); - - var left = GetXPosition(domSearchType); - var top = GetYPosition(domSearchType) + domSearchType.offsetHeight; - - MoveToPosition(domPopupSearchResultsWindow, left, top); - domPopupSearchResultsWindow.style.display = 'block'; - }; - - - this.lastSearchValue = searchValue; - this.lastResultsPage = resultsPage; - }; - - - - // Group: Activation Functions - // Functions that handle whether the entire panel is active or not. - // ________________________________________________________________________ - - - /* - Function: Activate - - Activates or deactivates the search panel, resetting things to their default values if necessary. You can call this on every - control's OnBlur() and it will handle not deactivating the entire panel when focus is just switching between them transparently. - - Parameters: - - isActive - Whether you're activating or deactivating the panel. - ignoreDeactivateDelay - Set if you're positive the action will deactivate the panel and thus want to skip the delay. - */ - this.Activate = function(isActive, ignoreDeactivateDelay) - { - // We want to ignore isActive being false while the results window is open. - if (isActive || (this.mode == "HTML" && this.DOMPopupSearchResultsWindow().style.display == "block")) - { - if (this.inactivateTimeout) - { - clearTimeout(this.inactivateTimeout); - this.inactivateTimeout = 0; - }; - - this.DOMSearchPanel().className = 'MSearchPanelActive'; - - var searchField = this.DOMSearchField(); - - if (searchField.value == 'Search') - { searchField.value = ""; } - } - else if (!ignoreDeactivateDelay) - { - this.inactivateTimeout = setTimeout(this.name + ".InactivateAfterTimeout()", this.inactivateTimeoutLength); - } - else - { - this.InactivateAfterTimeout(); - }; - }; - - - /* - Function: InactivateAfterTimeout - - Called by , which is set by . Inactivation occurs on a timeout because a control may - receive OnBlur() when focus is really transferring to another control in the search panel. In this case we don't want to - actually deactivate the panel because not only would that cause a visible flicker but it could also reset the search value. - So by doing it on a timeout instead, there's a short period where the second control's OnFocus() can cancel the deactivation. - */ - this.InactivateAfterTimeout = function() - { - this.inactivateTimeout = 0; - - this.DOMSearchPanel().className = 'MSearchPanelInactive'; - this.DOMSearchField().value = "Search"; - - this.lastSearchValue = ""; - this.lastResultsPage = ""; - }; - }; - - - - -/* ________________________________________________________________________________________________________ - - Class: SearchResults - _________________________________________________________________________________________________________ - - The class that handles everything on the search results page. - _________________________________________________________________________________________________________ -*/ - - -function SearchResults(name, mode) - { - /* - var: mode - The mode the search is going to work in, such as "HTML" or "FramedHTML". - */ - this.mode = mode; - - /* - var: lastMatchCount - The number of matches from the last run of . - */ - this.lastMatchCount = 0; - - - /* - Function: Toggle - Toggles the visibility of the passed element ID. - */ - this.Toggle = function(id) - { - if (this.mode == "FramedHTML") - { return; }; - - var parentElement = document.getElementById(id); - - var element = parentElement.firstChild; - - while (element && element != parentElement) - { - if (element.nodeName == 'DIV' && element.className == 'ISubIndex') - { - if (element.style.display == 'block') - { element.style.display = "none"; } - else - { element.style.display = 'block'; } - }; - - if (element.nodeName == 'DIV' && element.hasChildNodes()) - { element = element.firstChild; } - else if (element.nextSibling) - { element = element.nextSibling; } - else - { - do - { - element = element.parentNode; - } - while (element && element != parentElement && !element.nextSibling); - - if (element && element != parentElement) - { element = element.nextSibling; }; - }; - }; - }; - - - /* - Function: Search - - Searches for the passed string. If there is no parameter, it takes it from the URL query. - - Always returns true, since other documents may try to call it and that may or may not be possible. - */ - this.Search = function(search) - { - if (!search) - { - search = window.location.search; - search = search.substring(1); // Remove the leading ? - search = unescape(search); - }; - - search = search.replace(/^ +/, ""); - search = search.replace(/ +$/, ""); - search = search.toLowerCase(); - - if (search.match(/[^a-z0-9]/)) // Just a little speedup so it doesn't have to go through the below unnecessarily. - { - search = search.replace(/\_/g, "_und"); - search = search.replace(/\ +/gi, "_spc"); - search = search.replace(/\~/g, "_til"); - search = search.replace(/\!/g, "_exc"); - search = search.replace(/\@/g, "_att"); - search = search.replace(/\#/g, "_num"); - search = search.replace(/\$/g, "_dol"); - search = search.replace(/\%/g, "_pct"); - search = search.replace(/\^/g, "_car"); - search = search.replace(/\&/g, "_amp"); - search = search.replace(/\*/g, "_ast"); - search = search.replace(/\(/g, "_lpa"); - search = search.replace(/\)/g, "_rpa"); - search = search.replace(/\-/g, "_min"); - search = search.replace(/\+/g, "_plu"); - search = search.replace(/\=/g, "_equ"); - search = search.replace(/\{/g, "_lbc"); - search = search.replace(/\}/g, "_rbc"); - search = search.replace(/\[/g, "_lbk"); - search = search.replace(/\]/g, "_rbk"); - search = search.replace(/\:/g, "_col"); - search = search.replace(/\;/g, "_sco"); - search = search.replace(/\"/g, "_quo"); - search = search.replace(/\'/g, "_apo"); - search = search.replace(/\/g, "_ran"); - search = search.replace(/\,/g, "_com"); - search = search.replace(/\./g, "_per"); - search = search.replace(/\?/g, "_que"); - search = search.replace(/\//g, "_sla"); - search = search.replace(/[^a-z0-9\_]i/gi, "_zzz"); - }; - - var resultRows = document.getElementsByTagName("div"); - var matches = 0; - - var i = 0; - while (i < resultRows.length) - { - var row = resultRows.item(i); - - if (row.className == "SRResult") - { - var rowMatchName = row.id.toLowerCase(); - rowMatchName = rowMatchName.replace(/^sr\d*_/, ''); - - if (search.length <= rowMatchName.length && rowMatchName.substr(0, search.length) == search) - { - row.style.display = "block"; - matches++; - } - else - { row.style.display = "none"; }; - }; - - i++; - }; - - document.getElementById("Searching").style.display="none"; - - if (matches == 0) - { document.getElementById("NoMatches").style.display="block"; } - else - { document.getElementById("NoMatches").style.display="none"; } - - this.lastMatchCount = matches; - - return true; - }; - }; - diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/prettify.js b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/prettify.js deleted file mode 100644 index fda4bf1e..00000000 --- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/prettify.js +++ /dev/null @@ -1,1526 +0,0 @@ - -// This code comes from the December 2009 release of Google Prettify, which is Copyright 2006 Google Inc. -// Minor modifications are marked with "ND Change" comments. -// As part of Natural Docs, this code is licensed under version 3 of the GNU Affero General Public License (AGPL.) -// However, it may also be obtained separately under version 2.0 of the Apache License. -// Refer to License.txt for the complete details - - -// Main code -// ____________________________________________________________________________ - -// Copyright (C) 2006 Google Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - - -/** - * @fileoverview - * some functions for browser-side pretty printing of code contained in html. - *

- * - * For a fairly comprehensive set of languages see the - * README - * file that came with this source. At a minimum, the lexer should work on a - * number of languages including C and friends, Java, Python, Bash, SQL, HTML, - * XML, CSS, Javascript, and Makefiles. It works passably on Ruby, PHP and Awk - * and a subset of Perl, but, because of commenting conventions, doesn't work on - * Smalltalk, Lisp-like, or CAML-like languages without an explicit lang class. - *

- * Usage:

    - *
  1. include this source file in an html page via - * {@code } - *
  2. define style rules. See the example page for examples. - *
  3. mark the {@code 
    } and {@code } tags in your source with
- *    {@code class=prettyprint.}
- *    You can also use the (html deprecated) {@code } tag, but the pretty
- *    printer needs to do more substantial DOM manipulations to support that, so
- *    some css styles may not be preserved.
- * </ol>
- * That's it.  I wanted to keep the API as simple as possible, so there's no
- * need to specify which language the code is in, but if you wish, you can add
- * another class to the {@code <pre>} or {@code <code>} element to specify the
- * language, as in {@code <pre class="prettyprint lang-java">}.  Any class that
- * starts with "lang-" followed by a file extension, specifies the file type.
- * See the "lang-*.js" files in this directory for code that implements
- * per-language file handlers.
- * <p>
- * Change log:<br>
- * cbeust, 2006/08/22
- * <blockquote>
- *   Java annotations (start with "@") are now captured as literals ("lit")
- * </blockquote>
- * @requires console
- * @overrides window
- */
-
-// JSLint declarations
-/*global console, document, navigator, setTimeout, window */
-
-/**
- * Split {@code prettyPrint} into multiple timeouts so as not to interfere with
- * UI events.
- * If set to {@code false}, {@code prettyPrint()} is synchronous.
- */
-window['PR_SHOULD_USE_CONTINUATION'] = true;
-
-/** the number of characters between tab columns */
-window['PR_TAB_WIDTH'] = 8;
-
-/** Walks the DOM returning a properly escaped version of innerHTML.
-  * @param {Node} node
-  * @param {Array.<string>} out output buffer that receives chunks of HTML.
-  */
-window['PR_normalizedHtml']
-
-/** Contains functions for creating and registering new language handlers.
-  * @type {Object}
-  */
-  = window['PR']
-
-/** Pretty print a chunk of code.
-  *
-  * @param {string} sourceCodeHtml code as html
-  * @return {string} code as html, but prettier
-  */
-  = window['prettyPrintOne']
-/** Find all the {@code <pre>} and {@code <code>} tags in the DOM with
-  * {@code class=prettyprint} and prettify them.
-  * @param {Function?} opt_whenDone if specified, called when the last entry
-  *     has been finished.
-  */
-  = window['prettyPrint'] = void 0;
-
-/** browser detection. @extern @returns false if not IE, otherwise the major version. */
-window['_pr_isIE6'] = function () {
-  var ieVersion = navigator && navigator.userAgent &&
-      navigator.userAgent.match(/\bMSIE ([678])\./);
-  ieVersion = ieVersion ? +ieVersion[1] : false;
-  window['_pr_isIE6'] = function () { return ieVersion; };
-  return ieVersion;
-};
-
-
-(function () {
-  // Keyword lists for various languages.
-  var FLOW_CONTROL_KEYWORDS =
-      "break continue do else for if return while ";
-  var C_KEYWORDS = FLOW_CONTROL_KEYWORDS + "auto case char const default " +
-      "double enum extern float goto int long register short signed sizeof " +
-      "static struct switch typedef union unsigned void volatile ";
-  var COMMON_KEYWORDS = C_KEYWORDS + "catch class delete false import " +
-      "new operator private protected public this throw true try typeof ";
-  var CPP_KEYWORDS = COMMON_KEYWORDS + "alignof align_union asm axiom bool " +
-      "concept concept_map const_cast constexpr decltype " +
-      "dynamic_cast explicit export friend inline late_check " +
-      "mutable namespace nullptr reinterpret_cast static_assert static_cast " +
-      "template typeid typename using virtual wchar_t where ";
-  var JAVA_KEYWORDS = COMMON_KEYWORDS +
-      "abstract boolean byte extends final finally implements import " +
-      "instanceof null native package strictfp super synchronized throws " +
-      "transient ";
-  var CSHARP_KEYWORDS = JAVA_KEYWORDS +
-      "as base by checked decimal delegate descending event " +
-      "fixed foreach from group implicit in interface internal into is lock " +
-      "object out override orderby params partial readonly ref sbyte sealed " +
-      "stackalloc string select uint ulong unchecked unsafe ushort var ";
-  var JSCRIPT_KEYWORDS = COMMON_KEYWORDS +
-      "debugger eval export function get null set undefined var with " +
-      "Infinity NaN ";
-  var PERL_KEYWORDS = "caller delete die do dump elsif eval exit foreach for " +
-      "goto if import last local my next no our print package redo require " +
-      "sub undef unless until use wantarray while BEGIN END ";
-  var PYTHON_KEYWORDS = FLOW_CONTROL_KEYWORDS + "and as assert class def del " +
-      "elif except exec finally from global import in is lambda " +
-      "nonlocal not or pass print raise try with yield " +
-      "False True None ";
-  var RUBY_KEYWORDS = FLOW_CONTROL_KEYWORDS + "alias and begin case class def" +
-      " defined elsif end ensure false in module next nil not or redo rescue " +
-      "retry self super then true undef unless until when yield BEGIN END ";
-  var SH_KEYWORDS = FLOW_CONTROL_KEYWORDS + "case done elif esac eval fi " +
-      "function in local set then until ";
-  var ALL_KEYWORDS = (
-      CPP_KEYWORDS + CSHARP_KEYWORDS + JSCRIPT_KEYWORDS + PERL_KEYWORDS +
-      PYTHON_KEYWORDS + RUBY_KEYWORDS + SH_KEYWORDS);
-
-  // token style names.  correspond to css classes
-  /** token style for a string literal */
-  var PR_STRING = 'str';
-  /** token style for a keyword */
-  var PR_KEYWORD = 'kwd';
-  /** token style for a comment */
-  var PR_COMMENT = 'com';
-  /** token style for a type */
-  var PR_TYPE = 'typ';
-  /** token style for a literal value.  e.g. 1, null, true. */
-  var PR_LITERAL = 'lit';
-  /** token style for a punctuation string. */
-  var PR_PUNCTUATION = 'pun';
-  /** token style for a punctuation string. */
-  var PR_PLAIN = 'pln';
-
-  /** token style for an sgml tag. */
-  var PR_TAG = 'tag';
-  /** token style for a markup declaration such as a DOCTYPE. */
-  var PR_DECLARATION = 'dec';
-  /** token style for embedded source. */
-  var PR_SOURCE = 'src';
-  /** token style for an sgml attribute name. */
-  var PR_ATTRIB_NAME = 'atn';
-  /** token style for an sgml attribute value. */
-  var PR_ATTRIB_VALUE = 'atv';
-
-  /**
-   * A class that indicates a section of markup that is not code, e.g. to allow
-   * embedding of line numbers within code listings.
-   */
-  var PR_NOCODE = 'nocode';
-
-  /** A set of tokens that can precede a regular expression literal in
-    * javascript.
-    * http://www.mozilla.org/js/language/js20/rationale/syntax.html has the full
-    * list, but I've removed ones that might be problematic when seen in
-    * languages that don't support regular expression literals.
-    *
-    * <p>Specifically, I've removed any keywords that can't precede a regexp
-    * literal in a syntactically legal javascript program, and I've removed the
-    * "in" keyword since it's not a keyword in many languages, and might be used
-    * as a count of inches.
-    *
-    * <p>The link a above does not accurately describe EcmaScript rules since
-    * it fails to distinguish between (a=++/b/i) and (a++/b/i) but it works
-    * very well in practice.
-    *
-    * @private
-    */
-  var REGEXP_PRECEDER_PATTERN = function () {
-      var preceders = [
-          "!", "!=", "!==", "#", "%", "%=", "&", "&&", "&&=",
-          "&=", "(", "*", "*=", /* "+", */ "+=", ",", /* "-", */ "-=",
-          "->", /*".", "..", "...", handled below */ "/", "/=", ":", "::", ";",
-          "<", "<<", "<<=", "<=", "=", "==", "===", ">",
-          ">=", ">>", ">>=", ">>>", ">>>=", "?", "@", "[",
-          "^", "^=", "^^", "^^=", "{", "|", "|=", "||",
-          "||=", "~" /* handles =~ and !~ */,
-          "break", "case", "continue", "delete",
-          "do", "else", "finally", "instanceof",
-          "return", "throw", "try", "typeof"
-          ];
-      var pattern = '(?:^^|[+-]';
-      for (var i = 0; i < preceders.length; ++i) {
-        pattern += '|' + preceders[i].replace(/([^=<>:&a-z])/g, '\\$1');
-      }
-      pattern += ')\\s*';  // matches at end, and matches empty string
-      return pattern;
-      // CAVEAT: this does not properly handle the case where a regular
-      // expression immediately follows another since a regular expression may
-      // have flags for case-sensitivity and the like.  Having regexp tokens
-      // adjacent is not valid in any language I'm aware of, so I'm punting.
-      // TODO: maybe style special characters inside a regexp as punctuation.
-    }();
-
-  // Define regexps here so that the interpreter doesn't have to create an
-  // object each time the function containing them is called.
-  // The language spec requires a new object created even if you don't access
-  // the $1 members.
-  var pr_amp = /&/g;
-  var pr_lt = /</g;
-  var pr_gt = />/g;
-  var pr_quot = /\"/g;
-  /** like textToHtml but escapes double quotes to be attribute safe. */
-  function attribToHtml(str) {
-    return str.replace(pr_amp, '&amp;')
-        .replace(pr_lt, '&lt;')
-        .replace(pr_gt, '&gt;')
-        .replace(pr_quot, '&quot;');
-  }
-
-  /** escapest html special characters to html. */
-  function textToHtml(str) {
-    return str.replace(pr_amp, '&amp;')
-        .replace(pr_lt, '&lt;')
-        .replace(pr_gt, '&gt;');
-  }
-
-
-  var pr_ltEnt = /&lt;/g;
-  var pr_gtEnt = /&gt;/g;
-  var pr_aposEnt = /&apos;/g;
-  var pr_quotEnt = /&quot;/g;
-  var pr_ampEnt = /&amp;/g;
-  var pr_nbspEnt = /&nbsp;/g;
-  /** unescapes html to plain text. */
-  function htmlToText(html) {
-    var pos = html.indexOf('&');
-    if (pos < 0) { return html; }
-    // Handle numeric entities specially.  We can't use functional substitution
-    // since that doesn't work in older versions of Safari.
-    // These should be rare since most browsers convert them to normal chars.
-    for (--pos; (pos = html.indexOf('&#', pos + 1)) >= 0;) {
-      var end = html.indexOf(';', pos);
-      if (end >= 0) {
-        var num = html.substring(pos + 3, end);
-        var radix = 10;
-        if (num && num.charAt(0) === 'x') {
-          num = num.substring(1);
-          radix = 16;
-        }
-        var codePoint = parseInt(num, radix);
-        if (!isNaN(codePoint)) {
-          html = (html.substring(0, pos) + String.fromCharCode(codePoint) +
-                  html.substring(end + 1));
-        }
-      }
-    }
-
-    return html.replace(pr_ltEnt, '<')
-        .replace(pr_gtEnt, '>')
-        .replace(pr_aposEnt, "'")
-        .replace(pr_quotEnt, '"')
-        .replace(pr_nbspEnt, ' ')
-        .replace(pr_ampEnt, '&');
-  }
-
-  /** is the given node's innerHTML normally unescaped? */
-  function isRawContent(node) {
-    return 'XMP' === node.tagName;
-  }
-
-  var newlineRe = /[\r\n]/g;
-  /**
-   * Are newlines and adjacent spaces significant in the given node's innerHTML?
-   */
-  function isPreformatted(node, content) {
-    // PRE means preformatted, and is a very common case, so don't create
-    // unnecessary computed style objects.
-    if ('PRE' === node.tagName) { return true; }
-    if (!newlineRe.test(content)) { return true; }  // Don't care
-    var whitespace = '';
-    // For disconnected nodes, IE has no currentStyle.
-    if (node.currentStyle) {
-      whitespace = node.currentStyle.whiteSpace;
-    } else if (window.getComputedStyle) {
-      // Firefox makes a best guess if node is disconnected whereas Safari
-      // returns the empty string.
-      whitespace = window.getComputedStyle(node, null).whiteSpace;
-    }
-    return !whitespace || whitespace === 'pre';
-  }
-
-  function normalizedHtml(node, out) {
-    switch (node.nodeType) {
-      case 1:  // an element
-        var name = node.tagName.toLowerCase();
-        out.push('<', name);
-        for (var i = 0; i < node.attributes.length; ++i) {
-          var attr = node.attributes[i];
-          if (!attr.specified) { continue; }
-          out.push(' ');
-          normalizedHtml(attr, out);
-        }
-        out.push('>');
-        for (var child = node.firstChild; child; child = child.nextSibling) {
-          normalizedHtml(child, out);
-        }
-        if (node.firstChild || !/^(?:br|link|img)$/.test(name)) {
-          out.push('<\/', name, '>');
-        }
-        break;
-      case 2: // an attribute
-        out.push(node.name.toLowerCase(), '="', attribToHtml(node.value), '"');
-        break;
-      case 3: case 4: // text
-        out.push(textToHtml(node.nodeValue));
-        break;
-    }
-  }
-
-  /**
-   * Given a group of {@link RegExp}s, returns a {@code RegExp} that globally
-   * matches the union o the sets o strings matched d by the input RegExp.
-   * Since it matches globally, if the input strings have a start-of-input
-   * anchor (/^.../), it is ignored for the purposes of unioning.
-   * @param {Array.<RegExp>} regexs non multiline, non-global regexs.
-   * @return {RegExp} a global regex.
-   */
-  function combinePrefixPatterns(regexs) {
-    var capturedGroupIndex = 0;
-
-    var needToFoldCase = false;
-    var ignoreCase = false;
-    for (var i = 0, n = regexs.length; i < n; ++i) {
-      var regex = regexs[i];
-      if (regex.ignoreCase) {
-        ignoreCase = true;
-      } else if (/[a-z]/i.test(regex.source.replace(
-                     /\\u[0-9a-f]{4}|\\x[0-9a-f]{2}|\\[^ux]/gi, ''))) {
-        needToFoldCase = true;
-        ignoreCase = false;
-        break;
-      }
-    }
-
-    function decodeEscape(charsetPart) {
-      if (charsetPart.charAt(0) !== '\\') { return charsetPart.charCodeAt(0); }
-      switch (charsetPart.charAt(1)) {
-        case 'b': return 8;
-        case 't': return 9;
-        case 'n': return 0xa;
-        case 'v': return 0xb;
-        case 'f': return 0xc;
-        case 'r': return 0xd;
-        case 'u': case 'x':
-          return parseInt(charsetPart.substring(2), 16)
-              || charsetPart.charCodeAt(1);
-        case '0': case '1': case '2': case '3': case '4':
-        case '5': case '6': case '7':
-          return parseInt(charsetPart.substring(1), 8);
-        default: return charsetPart.charCodeAt(1);
-      }
-    }
-
-    function encodeEscape(charCode) {
-      if (charCode < 0x20) {
-        return (charCode < 0x10 ? '\\x0' : '\\x') + charCode.toString(16);
-      }
-      var ch = String.fromCharCode(charCode);
-      if (ch === '\\' || ch === '-' || ch === '[' || ch === ']') {
-        ch = '\\' + ch;
-      }
-      return ch;
-    }
-
-    function caseFoldCharset(charSet) {
-      var charsetParts = charSet.substring(1, charSet.length - 1).match(
-          new RegExp(
-              '\\\\u[0-9A-Fa-f]{4}'
-              + '|\\\\x[0-9A-Fa-f]{2}'
-              + '|\\\\[0-3][0-7]{0,2}'
-              + '|\\\\[0-7]{1,2}'
-              + '|\\\\[\\s\\S]'
-              + '|-'
-              + '|[^-\\\\]',
-              'g'));
-      var groups = [];
-      var ranges = [];
-      var inverse = charsetParts[0] === '^';
-      for (var i = inverse ? 1 : 0, n = charsetParts.length; i < n; ++i) {
-        var p = charsetParts[i];
-        switch (p) {
-          case '\\B': case '\\b':
-          case '\\D': case '\\d':
-          case '\\S': case '\\s':
-          case '\\W': case '\\w':
-            groups.push(p);
-            continue;
-        }
-        var start = decodeEscape(p);
-        var end;
-        if (i + 2 < n && '-' === charsetParts[i + 1]) {
-          end = decodeEscape(charsetParts[i + 2]);
-          i += 2;
-        } else {
-          end = start;
-        }
-        ranges.push([start, end]);
-        // If the range might intersect letters, then expand it.
-        if (!(end < 65 || start > 122)) {
-          if (!(end < 65 || start > 90)) {
-            ranges.push([Math.max(65, start) | 32, Math.min(end, 90) | 32]);
-          }
-          if (!(end < 97 || start > 122)) {
-            ranges.push([Math.max(97, start) & ~32, Math.min(end, 122) & ~32]);
-          }
-        }
-      }
-
-      // [[1, 10], [3, 4], [8, 12], [14, 14], [16, 16], [17, 17]]
-      // -> [[1, 12], [14, 14], [16, 17]]
-      ranges.sort(function (a, b) { return (a[0] - b[0]) || (b[1]  - a[1]); });
-      var consolidatedRanges = [];
-      var lastRange = [NaN, NaN];
-      for (var i = 0; i < ranges.length; ++i) {
-        var range = ranges[i];
-        if (range[0] <= lastRange[1] + 1) {
-          lastRange[1] = Math.max(lastRange[1], range[1]);
-        } else {
-          consolidatedRanges.push(lastRange = range);
-        }
-      }
-
-      var out = ['['];
-      if (inverse) { out.push('^'); }
-      out.push.apply(out, groups);
-      for (var i = 0; i < consolidatedRanges.length; ++i) {
-        var range = consolidatedRanges[i];
-        out.push(encodeEscape(range[0]));
-        if (range[1] > range[0]) {
-          if (range[1] + 1 > range[0]) { out.push('-'); }
-          out.push(encodeEscape(range[1]));
-        }
-      }
-      out.push(']');
-      return out.join('');
-    }
-
-    function allowAnywhereFoldCaseAndRenumberGroups(regex) {
-      // Split into character sets, escape sequences, punctuation strings
-      // like ('(', '(?:', ')', '^'), and runs of characters that do not
-      // include any of the above.
-      var parts = regex.source.match(
-          new RegExp(
-              '(?:'
-              + '\\[(?:[^\\x5C\\x5D]|\\\\[\\s\\S])*\\]'  // a character set
-              + '|\\\\u[A-Fa-f0-9]{4}'  // a unicode escape
-              + '|\\\\x[A-Fa-f0-9]{2}'  // a hex escape
-              + '|\\\\[0-9]+'  // a back-reference or octal escape
-              + '|\\\\[^ux0-9]'  // other escape sequence
-              + '|\\(\\?[:!=]'  // start of a non-capturing group
-              + '|[\\(\\)\\^]'  // start/emd of a group, or line start
-              + '|[^\\x5B\\x5C\\(\\)\\^]+'  // run of other characters
-              + ')',
-              'g'));
-      var n = parts.length;
-
-      // Maps captured group numbers to the number they will occupy in
-      // the output or to -1 if that has not been determined, or to
-      // undefined if they need not be capturing in the output.
-      var capturedGroups = [];
-
-      // Walk over and identify back references to build the capturedGroups
-      // mapping.
-      for (var i = 0, groupIndex = 0; i < n; ++i) {
-        var p = parts[i];
-        if (p === '(') {
-          // groups are 1-indexed, so max group index is count of '('
-          ++groupIndex;
-        } else if ('\\' === p.charAt(0)) {
-          var decimalValue = +p.substring(1);
-          if (decimalValue && decimalValue <= groupIndex) {
-            capturedGroups[decimalValue] = -1;
-          }
-        }
-      }
-
-      // Renumber groups and reduce capturing groups to non-capturing groups
-      // where possible.
-      for (var i = 1; i < capturedGroups.length; ++i) {
-        if (-1 === capturedGroups[i]) {
-          capturedGroups[i] = ++capturedGroupIndex;
-        }
-      }
-      for (var i = 0, groupIndex = 0; i < n; ++i) {
-        var p = parts[i];
-        if (p === '(') {
-          ++groupIndex;
-          if (capturedGroups[groupIndex] === undefined) {
-            parts[i] = '(?:';
-          }
-        } else if ('\\' === p.charAt(0)) {
-          var decimalValue = +p.substring(1);
-          if (decimalValue && decimalValue <= groupIndex) {
-            parts[i] = '\\' + capturedGroups[groupIndex];
-          }
-        }
-      }
-
-      // Remove any prefix anchors so that the output will match anywhere.
-      // ^^ really does mean an anchored match though.
-      for (var i = 0, groupIndex = 0; i < n; ++i) {
-        if ('^' === parts[i] && '^' !== parts[i + 1]) { parts[i] = ''; }
-      }
-
-      // Expand letters to groupts to handle mixing of case-sensitive and
-      // case-insensitive patterns if necessary.
-      if (regex.ignoreCase && needToFoldCase) {
-        for (var i = 0; i < n; ++i) {
-          var p = parts[i];
-          var ch0 = p.charAt(0);
-          if (p.length >= 2 && ch0 === '[') {
-            parts[i] = caseFoldCharset(p);
-          } else if (ch0 !== '\\') {
-            // TODO: handle letters in numeric escapes.
-            parts[i] = p.replace(
-                /[a-zA-Z]/g,
-                function (ch) {
-                  var cc = ch.charCodeAt(0);
-                  return '[' + String.fromCharCode(cc & ~32, cc | 32) + ']';
-                });
-          }
-        }
-      }
-
-      return parts.join('');
-    }
-
-    var rewritten = [];
-    for (var i = 0, n = regexs.length; i < n; ++i) {
-      var regex = regexs[i];
-      if (regex.global || regex.multiline) { throw new Error('' + regex); }
-      rewritten.push(
-          '(?:' + allowAnywhereFoldCaseAndRenumberGroups(regex) + ')');
-    }
-
-    return new RegExp(rewritten.join('|'), ignoreCase ? 'gi' : 'g');
-  }
-
-  var PR_innerHtmlWorks = null;
-  function getInnerHtml(node) {
-    // inner html is hopelessly broken in Safari 2.0.4 when the content is
-    // an html description of well formed XML and the containing tag is a PRE
-    // tag, so we detect that case and emulate innerHTML.
-    if (null === PR_innerHtmlWorks) {
-      var testNode = document.createElement('PRE');
-      testNode.appendChild(
-          document.createTextNode('<!DOCTYPE foo PUBLIC "foo bar">\n<foo />'));
-      PR_innerHtmlWorks = !/</.test(testNode.innerHTML);
-    }
-
-    if (PR_innerHtmlWorks) {
-      var content = node.innerHTML;
-      // XMP tags contain unescaped entities so require special handling.
-      if (isRawContent(node)) {
-        content = textToHtml(content);
-      } else if (!isPreformatted(node, content)) {
-        content = content.replace(/(<br\s*\/?>)[\r\n]+/g, '$1')
-            .replace(/(?:[\r\n]+[ \t]*)+/g, ' ');
-      }
-      return content;
-    }
-
-    var out = [];
-    for (var child = node.firstChild; child; child = child.nextSibling) {
-      normalizedHtml(child, out);
-    }
-    return out.join('');
-  }
-
-  /** returns a function that expand tabs to spaces.  This function can be fed
-    * successive chunks of text, and will maintain its own internal state to
-    * keep track of how tabs are expanded.
-    * @return {function (string) : string} a function that takes
-    *   plain text and return the text with tabs expanded.
-    * @private
-    */
-  function makeTabExpander(tabWidth) {
-    var SPACES = '                ';
-    var charInLine = 0;
-
-    return function (plainText) {
-      // walk over each character looking for tabs and newlines.
-      // On tabs, expand them.  On newlines, reset charInLine.
-      // Otherwise increment charInLine
-      var out = null;
-      var pos = 0;
-      for (var i = 0, n = plainText.length; i < n; ++i) {
-        var ch = plainText.charAt(i);
-
-        switch (ch) {
-          case '\t':
-            if (!out) { out = []; }
-            out.push(plainText.substring(pos, i));
-            // calculate how much space we need in front of this part
-            // nSpaces is the amount of padding -- the number of spaces needed
-            // to move us to the next column, where columns occur at factors of
-            // tabWidth.
-            var nSpaces = tabWidth - (charInLine % tabWidth);
-            charInLine += nSpaces;
-            for (; nSpaces >= 0; nSpaces -= SPACES.length) {
-              out.push(SPACES.substring(0, nSpaces));
-            }
-            pos = i + 1;
-            break;
-          case '\n':
-            charInLine = 0;
-            break;
-          default:
-            ++charInLine;
-        }
-      }
-      if (!out) { return plainText; }
-      out.push(plainText.substring(pos));
-      return out.join('');
-    };
-  }
-
-  var pr_chunkPattern = new RegExp(
-      '[^<]+'  // A run of characters other than '<'
-      + '|<\!--[\\s\\S]*?--\>'  // an HTML comment
-      + '|<!\\[CDATA\\[[\\s\\S]*?\\]\\]>'  // a CDATA section
-      // a probable tag that should not be highlighted
-      + '|<\/?[a-zA-Z](?:[^>\"\']|\'[^\']*\'|\"[^\"]*\")*>'
-      + '|<',  // A '<' that does not begin a larger chunk
-      'g');
-  var pr_commentPrefix = /^<\!--/;
-  var pr_cdataPrefix = /^<!\[CDATA\[/;
-  var pr_brPrefix = /^<br\b/i;
-  var pr_tagNameRe = /^<(\/?)([a-zA-Z][a-zA-Z0-9]*)/;
-
-  /** split markup into chunks of html tags (style null) and
-    * plain text (style {@link #PR_PLAIN}), converting tags which are
-    * significant for tokenization (<br>) into their textual equivalent.
-    *
-    * @param {string} s html where whitespace is considered significant.
-    * @return {Object} source code and extracted tags.
-    * @private
-    */
-  function extractTags(s) {
-    // since the pattern has the 'g' modifier and defines no capturing groups,
-    // this will return a list of all chunks which we then classify and wrap as
-    // PR_Tokens
-    var matches = s.match(pr_chunkPattern);
-    var sourceBuf = [];
-    var sourceBufLen = 0;
-    var extractedTags = [];
-    if (matches) {
-      for (var i = 0, n = matches.length; i < n; ++i) {
-        var match = matches[i];
-        if (match.length > 1 && match.charAt(0) === '<') {
-          if (pr_commentPrefix.test(match)) { continue; }
-          if (pr_cdataPrefix.test(match)) {
-            // strip CDATA prefix and suffix.  Don't unescape since it's CDATA
-            sourceBuf.push(match.substring(9, match.length - 3));
-            sourceBufLen += match.length - 12;
-          } else if (pr_brPrefix.test(match)) {
-            // <br> tags are lexically significant so convert them to text.
-            // This is undone later.
-            sourceBuf.push('\n');
-            ++sourceBufLen;
-          } else {
-            if (match.indexOf(PR_NOCODE) >= 0 && isNoCodeTag(match)) {
-              // A <span class="nocode"> will start a section that should be
-              // ignored.  Continue walking the list until we see a matching end
-              // tag.
-              var name = match.match(pr_tagNameRe)[2];
-              var depth = 1;
-              var j;
-              end_tag_loop:
-              for (j = i + 1; j < n; ++j) {
-                var name2 = matches[j].match(pr_tagNameRe);
-                if (name2 && name2[2] === name) {
-                  if (name2[1] === '/') {
-                    if (--depth === 0) { break end_tag_loop; }
-                  } else {
-                    ++depth;
-                  }
-                }
-              }
-              if (j < n) {
-                extractedTags.push(
-                    sourceBufLen, matches.slice(i, j + 1).join(''));
-                i = j;
-              } else {  // Ignore unclosed sections.
-                extractedTags.push(sourceBufLen, match);
-              }
-            } else {
-              extractedTags.push(sourceBufLen, match);
-            }
-          }
-        } else {
-          var literalText = htmlToText(match);
-          sourceBuf.push(literalText);
-          sourceBufLen += literalText.length;
-        }
-      }
-    }
-    return { source: sourceBuf.join(''), tags: extractedTags };
-  }
-
-  /** True if the given tag contains a class attribute with the nocode class. */
-  function isNoCodeTag(tag) {
-    return !!tag
-        // First canonicalize the representation of attributes
-        .replace(/\s(\w+)\s*=\s*(?:\"([^\"]*)\"|'([^\']*)'|(\S+))/g,
-                 ' $1="$2$3$4"')
-        // Then look for the attribute we want.
-        .match(/[cC][lL][aA][sS][sS]=\"[^\"]*\bnocode\b/);
-  }
-
-  /**
-   * Apply the given language handler to sourceCode and add the resulting
-   * decorations to out.
-   * @param {number} basePos the index of sourceCode within the chunk of source
-   *    whose decorations are already present on out.
-   */
-  function appendDecorations(basePos, sourceCode, langHandler, out) {
-    if (!sourceCode) { return; }
-    var job = {
-      source: sourceCode,
-      basePos: basePos
-    };
-    langHandler(job);
-    out.push.apply(out, job.decorations);
-  }
-
-  /** Given triples of [style, pattern, context] returns a lexing function,
-    * The lexing function interprets the patterns to find token boundaries and
-    * returns a decoration list of the form
-    * [index_0, style_0, index_1, style_1, ..., index_n, style_n]
-    * where index_n is an index into the sourceCode, and style_n is a style
-    * constant like PR_PLAIN.  index_n-1 <= index_n, and style_n-1 applies to
-    * all characters in sourceCode[index_n-1:index_n].
-    *
-    * The stylePatterns is a list whose elements have the form
-    * [style : string, pattern : RegExp, DEPRECATED, shortcut : string].
-    *
-    * Style is a style constant like PR_PLAIN, or can be a string of the
-    * form 'lang-FOO', where FOO is a language extension describing the
-    * language of the portion of the token in $1 after pattern executes.
-    * E.g., if style is 'lang-lisp', and group 1 contains the text
-    * '(hello (world))', then that portion of the token will be passed to the
-    * registered lisp handler for formatting.
-    * The text before and after group 1 will be restyled using this decorator
-    * so decorators should take care that this doesn't result in infinite
-    * recursion.  For example, the HTML lexer rule for SCRIPT elements looks
-    * something like ['lang-js', /<[s]cript>(.+?)<\/script>/].  This may match
-    * '<script>foo()<\/script>', which would cause the current decorator to
-    * be called with '<script>' which would not match the same rule since
-    * group 1 must not be empty, so it would be instead styled as PR_TAG by
-    * the generic tag rule.  The handler registered for the 'js' extension would
-    * then be called with 'foo()', and finally, the current decorator would
-    * be called with '<\/script>' which would not match the original rule and
-    * so the generic tag rule would identify it as a tag.
-    *
-    * Pattern must only match prefixes, and if it matches a prefix, then that
-    * match is considered a token with the same style.
-    *
-    * Context is applied to the last non-whitespace, non-comment token
-    * recognized.
-    *
-    * Shortcut is an optional string of characters, any of which, if the first
-    * character, gurantee that this pattern and only this pattern matches.
-    *
-    * @param {Array} shortcutStylePatterns patterns that always start with
-    *   a known character.  Must have a shortcut string.
-    * @param {Array} fallthroughStylePatterns patterns that will be tried in
-    *   order if the shortcut ones fail.  May have shortcuts.
-    *
-    * @return {function (Object)} a
-    *   function that takes source code and returns a list of decorations.
-    */
-  function createSimpleLexer(shortcutStylePatterns, fallthroughStylePatterns) {
-    var shortcuts = {};
-    var tokenizer;
-    (function () {
-      var allPatterns = shortcutStylePatterns.concat(fallthroughStylePatterns);
-      var allRegexs = [];
-      var regexKeys = {};
-      for (var i = 0, n = allPatterns.length; i < n; ++i) {
-        var patternParts = allPatterns[i];
-        var shortcutChars = patternParts[3];
-        if (shortcutChars) {
-          for (var c = shortcutChars.length; --c >= 0;) {
-            shortcuts[shortcutChars.charAt(c)] = patternParts;
-          }
-        }
-        var regex = patternParts[1];
-        var k = '' + regex;
-        if (!regexKeys.hasOwnProperty(k)) {
-          allRegexs.push(regex);
-          regexKeys[k] = null;
-        }
-      }
-      allRegexs.push(/[\0-\uffff]/);
-      tokenizer = combinePrefixPatterns(allRegexs);
-    })();
-
-    var nPatterns = fallthroughStylePatterns.length;
-    var notWs = /\S/;
-
-    /**
-     * Lexes job.source and produces an output array job.decorations of style
-     * classes preceded by the position at which they start in job.source in
-     * order.
-     *
-     * @param {Object} job an object like {@code
-     *    source: {string} sourceText plain text,
-     *    basePos: {int} position of job.source in the larger chunk of
-     *        sourceCode.
-     * }
-     */
-    var decorate = function (job) {
-      var sourceCode = job.source, basePos = job.basePos;
-      /** Even entries are positions in source in ascending order.  Odd enties
-        * are style markers (e.g., PR_COMMENT) that run from that position until
-        * the end.
-        * @type {Array.<number|string>}
-        */
-      var decorations = [basePos, PR_PLAIN];
-      var pos = 0;  // index into sourceCode
-      var tokens = sourceCode.match(tokenizer) || [];
-      var styleCache = {};
-
-      for (var ti = 0, nTokens = tokens.length; ti < nTokens; ++ti) {
-        var token = tokens[ti];
-        var style = styleCache[token];
-        var match = void 0;
-
-        var isEmbedded;
-        if (typeof style === 'string') {
-          isEmbedded = false;
-        } else {
-          var patternParts = shortcuts[token.charAt(0)];
-          if (patternParts) {
-            match = token.match(patternParts[1]);
-            style = patternParts[0];
-          } else {
-            for (var i = 0; i < nPatterns; ++i) {
-              patternParts = fallthroughStylePatterns[i];
-              match = token.match(patternParts[1]);
-              if (match) {
-                style = patternParts[0];
-                break;
-              }
-            }
-
-            if (!match) {  // make sure that we make progress
-              style = PR_PLAIN;
-            }
-          }
-
-          isEmbedded = style.length >= 5 && 'lang-' === style.substring(0, 5);
-          if (isEmbedded && !(match && typeof match[1] === 'string')) {
-            isEmbedded = false;
-            style = PR_SOURCE;
-          }
-
-          if (!isEmbedded) { styleCache[token] = style; }
-        }
-
-        var tokenStart = pos;
-        pos += token.length;
-
-        if (!isEmbedded) {
-          decorations.push(basePos + tokenStart, style);
-        } else {  // Treat group 1 as an embedded block of source code.
-          var embeddedSource = match[1];
-          var embeddedSourceStart = token.indexOf(embeddedSource);
-          var embeddedSourceEnd = embeddedSourceStart + embeddedSource.length;
-          if (match[2]) {
-            // If embeddedSource can be blank, then it would match at the
-            // beginning which would cause us to infinitely recurse on the
-            // entire token, so we catch the right context in match[2].
-            embeddedSourceEnd = token.length - match[2].length;
-            embeddedSourceStart = embeddedSourceEnd - embeddedSource.length;
-          }
-          var lang = style.substring(5);
-          // Decorate the left of the embedded source
-          appendDecorations(
-              basePos + tokenStart,
-              token.substring(0, embeddedSourceStart),
-              decorate, decorations);
-          // Decorate the embedded source
-          appendDecorations(
-              basePos + tokenStart + embeddedSourceStart,
-              embeddedSource,
-              langHandlerForExtension(lang, embeddedSource),
-              decorations);
-          // Decorate the right of the embedded section
-          appendDecorations(
-              basePos + tokenStart + embeddedSourceEnd,
-              token.substring(embeddedSourceEnd),
-              decorate, decorations);
-        }
-      }
-      job.decorations = decorations;
-    };
-    return decorate;
-  }
-
-  /** returns a function that produces a list of decorations from source text.
-    *
-    * This code treats ", ', and ` as string delimiters, and \ as a string
-    * escape.  It does not recognize perl's qq() style strings.
-    * It has no special handling for double delimiter escapes as in basic, or
-    * the tripled delimiters used in python, but should work on those regardless
-    * although in those cases a single string literal may be broken up into
-    * multiple adjacent string literals.
-    *
-    * It recognizes C, C++, and shell style comments.
-    *
-    * @param {Object} options a set of optional parameters.
-    * @return {function (Object)} a function that examines the source code
-    *     in the input job and builds the decoration list.
-    */
-  function sourceDecorator(options) {
-    var shortcutStylePatterns = [], fallthroughStylePatterns = [];
-    if (options['tripleQuotedStrings']) {
-      // '''multi-line-string''', 'single-line-string', and double-quoted
-      shortcutStylePatterns.push(
-          [PR_STRING,  /^(?:\'\'\'(?:[^\'\\]|\\[\s\S]|\'{1,2}(?=[^\']))*(?:\'\'\'|$)|\"\"\"(?:[^\"\\]|\\[\s\S]|\"{1,2}(?=[^\"]))*(?:\"\"\"|$)|\'(?:[^\\\']|\\[\s\S])*(?:\'|$)|\"(?:[^\\\"]|\\[\s\S])*(?:\"|$))/,
-           null, '\'"']);
-    } else if (options['multiLineStrings']) {
-      // 'multi-line-string', "multi-line-string"
-      shortcutStylePatterns.push(
-          [PR_STRING,  /^(?:\'(?:[^\\\']|\\[\s\S])*(?:\'|$)|\"(?:[^\\\"]|\\[\s\S])*(?:\"|$)|\`(?:[^\\\`]|\\[\s\S])*(?:\`|$))/,
-           null, '\'"`']);
-    } else {
-      // 'single-line-string', "single-line-string"
-      shortcutStylePatterns.push(
-          [PR_STRING,
-           /^(?:\'(?:[^\\\'\r\n]|\\.)*(?:\'|$)|\"(?:[^\\\"\r\n]|\\.)*(?:\"|$))/,
-           null, '"\'']);
-    }
-    if (options['verbatimStrings']) {
-      // verbatim-string-literal production from the C# grammar.  See issue 93.
-      fallthroughStylePatterns.push(
-          [PR_STRING, /^@\"(?:[^\"]|\"\")*(?:\"|$)/, null]);
-    }
-    if (options['hashComments']) {
-      if (options['cStyleComments']) {
-        // Stop C preprocessor declarations at an unclosed open comment
-        shortcutStylePatterns.push(
-            [PR_COMMENT, /^#(?:(?:define|elif|else|endif|error|ifdef|include|ifndef|line|pragma|undef|warning)\b|[^\r\n]*)/,
-             null, '#']);
-        fallthroughStylePatterns.push(
-            [PR_STRING,
-             /^<(?:(?:(?:\.\.\/)*|\/?)(?:[\w-]+(?:\/[\w-]+)+)?[\w-]+\.h|[a-z]\w*)>/,
-             null]);
-      } else {
-        shortcutStylePatterns.push([PR_COMMENT, /^#[^\r\n]*/, null, '#']);
-      }
-    }
-    if (options['cStyleComments']) {
-      fallthroughStylePatterns.push([PR_COMMENT, /^\/\/[^\r\n]*/, null]);
-      fallthroughStylePatterns.push(
-          [PR_COMMENT, /^\/\*[\s\S]*?(?:\*\/|$)/, null]);
-    }
-    if (options['regexLiterals']) {
-      var REGEX_LITERAL = (
-          // A regular expression literal starts with a slash that is
-          // not followed by * or / so that it is not confused with
-          // comments.
-          '/(?=[^/*])'
-          // and then contains any number of raw characters,
-          + '(?:[^/\\x5B\\x5C]'
-          // escape sequences (\x5C),
-          +    '|\\x5C[\\s\\S]'
-          // or non-nesting character sets (\x5B\x5D);
-          +    '|\\x5B(?:[^\\x5C\\x5D]|\\x5C[\\s\\S])*(?:\\x5D|$))+'
-          // finally closed by a /.
-          + '/');
-      fallthroughStylePatterns.push(
-          ['lang-regex',
-           new RegExp('^' + REGEXP_PRECEDER_PATTERN + '(' + REGEX_LITERAL + ')')
-           ]);
-    }
-
-    var keywords = options['keywords'].replace(/^\s+|\s+$/g, '');
-    if (keywords.length) {
-      fallthroughStylePatterns.push(
-          [PR_KEYWORD,
-           new RegExp('^(?:' + keywords.replace(/\s+/g, '|') + ')\\b'), null]);
-    }
-
-    shortcutStylePatterns.push([PR_PLAIN,       /^\s+/, null, ' \r\n\t\xA0']);
-    fallthroughStylePatterns.push(
-        // TODO(mikesamuel): recognize non-latin letters and numerals in idents
-        [PR_LITERAL,     /^@[a-z_$][a-z_$@0-9]*/i, null],
-        [PR_TYPE,        /^@?[A-Z]+[a-z][A-Za-z_$@0-9]*/, null],
-        [PR_PLAIN,       /^[a-z_$][a-z_$@0-9]*/i, null],
-        [PR_LITERAL,
-         new RegExp(
-             '^(?:'
-             // A hex number
-             + '0x[a-f0-9]+'
-             // or an octal or decimal number,
-             + '|(?:\\d(?:_\\d+)*\\d*(?:\\.\\d*)?|\\.\\d\\+)'
-             // possibly in scientific notation
-             + '(?:e[+\\-]?\\d+)?'
-             + ')'
-             // with an optional modifier like UL for unsigned long
-             + '[a-z]*', 'i'),
-         null, '0123456789'],
-        [PR_PUNCTUATION, /^.[^\s\w\.$@\'\"\`\/\#]*/, null]);
-
-    return createSimpleLexer(shortcutStylePatterns, fallthroughStylePatterns);
-  }
-
-  var decorateSource = sourceDecorator({
-        'keywords': ALL_KEYWORDS,
-        'hashComments': true,
-        'cStyleComments': true,
-        'multiLineStrings': true,
-        'regexLiterals': true
-      });
-
-  /** Breaks {@code job.source} around style boundaries in
-    * {@code job.decorations} while re-interleaving {@code job.extractedTags},
-    * and leaves the result in {@code job.prettyPrintedHtml}.
-    * @param {Object} job like {
-    *    source: {string} source as plain text,
-    *    extractedTags: {Array.<number|string>} extractedTags chunks of raw
-    *                   html preceded by their position in {@code job.source}
-    *                   in order
-    *    decorations: {Array.<number|string} an array of style classes preceded
-    *                 by the position at which they start in job.source in order
-    * }
-    * @private
-    */
-  function recombineTagsAndDecorations(job) {
-    var sourceText = job.source;
-    var extractedTags = job.extractedTags;
-    var decorations = job.decorations;
-
-    var html = [];
-    // index past the last char in sourceText written to html
-    var outputIdx = 0;
-
-    var openDecoration = null;
-    var currentDecoration = null;
-    var tagPos = 0;  // index into extractedTags
-    var decPos = 0;  // index into decorations
-    var tabExpander = makeTabExpander(window['PR_TAB_WIDTH']);
-
-    var adjacentSpaceRe = /([\r\n ]) /g;
-    var startOrSpaceRe = /(^| ) /gm;
-    var newlineRe = /\r\n?|\n/g;
-    var trailingSpaceRe = /[ \r\n]$/;
-    var lastWasSpace = true;  // the last text chunk emitted ended with a space.
-
-    // A helper function that is responsible for opening sections of decoration
-    // and outputing properly escaped chunks of source
-    function emitTextUpTo(sourceIdx) {
-      if (sourceIdx > outputIdx) {
-        if (openDecoration && openDecoration !== currentDecoration) {
-          // Close the current decoration
-          html.push('</span>');
-          openDecoration = null;
-        }
-        if (!openDecoration && currentDecoration) {
-          openDecoration = currentDecoration;
-          html.push('<span class="', openDecoration, '">');
-        }
-        // This interacts badly with some wikis which introduces paragraph tags
-        // into pre blocks for some strange reason.
-        // It's necessary for IE though which seems to lose the preformattedness
-        // of <pre> tags when their innerHTML is assigned.
-        // http://stud3.tuwien.ac.at/~e0226430/innerHtmlQuirk.html
-        // and it serves to undo the conversion of <br>s to newlines done in
-        // chunkify.
-        var htmlChunk = textToHtml(
-            tabExpander(sourceText.substring(outputIdx, sourceIdx)))
-            .replace(lastWasSpace
-                     ? startOrSpaceRe
-                     : adjacentSpaceRe, '$1&nbsp;');
-        // Keep track of whether we need to escape space at the beginning of the
-        // next chunk.
-        lastWasSpace = trailingSpaceRe.test(htmlChunk);
-        // IE collapses multiple adjacient <br>s into 1 line break.
-        // Prefix every <br> with '&nbsp;' can prevent such IE's behavior.
-        var lineBreakHtml = window['_pr_isIE6']() ? '&nbsp;<br />' : '<br />';
-        html.push(htmlChunk.replace(newlineRe, lineBreakHtml));
-        outputIdx = sourceIdx;
-      }
-    }
-
-    while (true) {
-      // Determine if we're going to consume a tag this time around.  Otherwise
-      // we consume a decoration or exit.
-      var outputTag;
-      if (tagPos < extractedTags.length) {
-        if (decPos < decorations.length) {
-          // Pick one giving preference to extractedTags since we shouldn't open
-          // a new style that we're going to have to immediately close in order
-          // to output a tag.
-          outputTag = extractedTags[tagPos] <= decorations[decPos];
-        } else {
-          outputTag = true;
-        }
-      } else {
-        outputTag = false;
-      }
-      // Consume either a decoration or a tag or exit.
-      if (outputTag) {
-        emitTextUpTo(extractedTags[tagPos]);
-        if (openDecoration) {
-          // Close the current decoration
-          html.push('</span>');
-          openDecoration = null;
-        }
-        html.push(extractedTags[tagPos + 1]);
-        tagPos += 2;
-      } else if (decPos < decorations.length) {
-        emitTextUpTo(decorations[decPos]);
-        currentDecoration = decorations[decPos + 1];
-        decPos += 2;
-      } else {
-        break;
-      }
-    }
-    emitTextUpTo(sourceText.length);
-    if (openDecoration) {
-      html.push('</span>');
-    }
-    job.prettyPrintedHtml = html.join('');
-  }
-
-  /** Maps language-specific file extensions to handlers. */
-  var langHandlerRegistry = {};
-  /** Register a language handler for the given file extensions.
-    * @param {function (Object)} handler a function from source code to a list
-    *      of decorations.  Takes a single argument job which describes the
-    *      state of the computation.   The single parameter has the form
-    *      {@code {
-    *        source: {string} as plain text.
-    *        decorations: {Array.<number|string>} an array of style classes
-    *                     preceded by the position at which they start in
-    *                     job.source in order.
-    *                     The language handler should assigned this field.
-    *        basePos: {int} the position of source in the larger source chunk.
-    *                 All positions in the output decorations array are relative
-    *                 to the larger source chunk.
-    *      } }
-    * @param {Array.<string>} fileExtensions
-    */
-  function registerLangHandler(handler, fileExtensions) {
-    for (var i = fileExtensions.length; --i >= 0;) {
-      var ext = fileExtensions[i];
-      if (!langHandlerRegistry.hasOwnProperty(ext)) {
-        langHandlerRegistry[ext] = handler;
-      } else if ('console' in window) {
-        console.warn('cannot override language handler %s', ext);
-      }
-    }
-  }
-  function langHandlerForExtension(extension, source) {
-    if (!(extension && langHandlerRegistry.hasOwnProperty(extension))) {
-      // Treat it as markup if the first non whitespace character is a < and
-      // the last non-whitespace character is a >.
-      extension = /^\s*</.test(source)
-          ? 'default-markup'
-          : 'default-code';
-    }
-    return langHandlerRegistry[extension];
-  }
-  registerLangHandler(decorateSource, ['default-code']);
-  registerLangHandler(
-      createSimpleLexer(
-          [],
-          [
-           [PR_PLAIN,       /^[^<?]+/],
-           [PR_DECLARATION, /^<!\w[^>]*(?:>|$)/],
-           [PR_COMMENT,     /^<\!--[\s\S]*?(?:-\->|$)/],
-           // Unescaped content in an unknown language
-           ['lang-',        /^<\?([\s\S]+?)(?:\?>|$)/],
-           ['lang-',        /^<%([\s\S]+?)(?:%>|$)/],
-           [PR_PUNCTUATION, /^(?:<[%?]|[%?]>)/],
-           ['lang-',        /^<xmp\b[^>]*>([\s\S]+?)<\/xmp\b[^>]*>/i],
-           // Unescaped content in javascript.  (Or possibly vbscript).
-           ['lang-js',      /^<script\b[^>]*>([\s\S]*?)(<\/script\b[^>]*>)/i],
-           // Contains unescaped stylesheet content
-           ['lang-css',     /^<style\b[^>]*>([\s\S]*?)(<\/style\b[^>]*>)/i],
-           ['lang-in.tag',  /^(<\/?[a-z][^<>]*>)/i]
-          ]),
-      ['default-markup', 'htm', 'html', 'mxml', 'xhtml', 'xml', 'xsl']);
-  registerLangHandler(
-      createSimpleLexer(
-          [
-           [PR_PLAIN,        /^[\s]+/, null, ' \t\r\n'],
-           [PR_ATTRIB_VALUE, /^(?:\"[^\"]*\"?|\'[^\']*\'?)/, null, '\"\'']
-           ],
-          [
-           [PR_TAG,          /^^<\/?[a-z](?:[\w.:-]*\w)?|\/?>$/i],
-           [PR_ATTRIB_NAME,  /^(?!style[\s=]|on)[a-z](?:[\w:-]*\w)?/i],
-           ['lang-uq.val',   /^=\s*([^>\'\"\s]*(?:[^>\'\"\s\/]|\/(?=\s)))/],
-           [PR_PUNCTUATION,  /^[=<>\/]+/],
-           ['lang-js',       /^on\w+\s*=\s*\"([^\"]+)\"/i],
-           ['lang-js',       /^on\w+\s*=\s*\'([^\']+)\'/i],
-           ['lang-js',       /^on\w+\s*=\s*([^\"\'>\s]+)/i],
-           ['lang-css',      /^style\s*=\s*\"([^\"]+)\"/i],
-           ['lang-css',      /^style\s*=\s*\'([^\']+)\'/i],
-           ['lang-css',      /^style\s*=\s*([^\"\'>\s]+)/i]
-           ]),
-      ['in.tag']);
-  registerLangHandler(
-      createSimpleLexer([], [[PR_ATTRIB_VALUE, /^[\s\S]+/]]), ['uq.val']);
-  registerLangHandler(sourceDecorator({
-          'keywords': CPP_KEYWORDS,
-          'hashComments': true,
-          'cStyleComments': true
-        }), ['c', 'cc', 'cpp', 'cxx', 'cyc', 'm']);
-  registerLangHandler(sourceDecorator({
-          'keywords': 'null true false'
-        }), ['json']);
-  registerLangHandler(sourceDecorator({
-          'keywords': CSHARP_KEYWORDS,
-          'hashComments': true,
-          'cStyleComments': true,
-          'verbatimStrings': true
-        }), ['cs']);
-  registerLangHandler(sourceDecorator({
-          'keywords': JAVA_KEYWORDS,
-          'cStyleComments': true
-        }), ['java']);
-  registerLangHandler(sourceDecorator({
-          'keywords': SH_KEYWORDS,
-          'hashComments': true,
-          'multiLineStrings': true
-        }), ['bsh', 'csh', 'sh']);
-  registerLangHandler(sourceDecorator({
-          'keywords': PYTHON_KEYWORDS,
-          'hashComments': true,
-          'multiLineStrings': true,
-          'tripleQuotedStrings': true
-        }), ['cv', 'py']);
-  registerLangHandler(sourceDecorator({
-          'keywords': PERL_KEYWORDS,
-          'hashComments': true,
-          'multiLineStrings': true,
-          'regexLiterals': true
-        }), ['perl', 'pl', 'pm']);
-  registerLangHandler(sourceDecorator({
-          'keywords': RUBY_KEYWORDS,
-          'hashComments': true,
-          'multiLineStrings': true,
-          'regexLiterals': true
-        }), ['rb']);
-  registerLangHandler(sourceDecorator({
-          'keywords': JSCRIPT_KEYWORDS,
-          'cStyleComments': true,
-          'regexLiterals': true
-        }), ['js']);
-  registerLangHandler(
-      createSimpleLexer([], [[PR_STRING, /^[\s\S]+/]]), ['regex']);
-
-  function applyDecorator(job) {
-    var sourceCodeHtml = job.sourceCodeHtml;
-    var opt_langExtension = job.langExtension;
-
-    // Prepopulate output in case processing fails with an exception.
-    job.prettyPrintedHtml = sourceCodeHtml;
-
-    try {
-      // Extract tags, and convert the source code to plain text.
-      var sourceAndExtractedTags = extractTags(sourceCodeHtml);
-      /** Plain text. @type {string} */
-      var source = sourceAndExtractedTags.source;
-      job.source = source;
-      job.basePos = 0;
-
-      /** Even entries are positions in source in ascending order.  Odd entries
-        * are tags that were extracted at that position.
-        * @type {Array.<number|string>}
-        */
-      job.extractedTags = sourceAndExtractedTags.tags;
-
-      // Apply the appropriate language handler
-      langHandlerForExtension(opt_langExtension, source)(job);
-      // Integrate the decorations and tags back into the source code to produce
-      // a decorated html string which is left in job.prettyPrintedHtml.
-      recombineTagsAndDecorations(job);
-    } catch (e) {
-      if ('console' in window) {
-        console.log(e);
-        console.trace();
-      }
-    }
-  }
-
-  function prettyPrintOne(sourceCodeHtml, opt_langExtension) {
-    var job = {
-      sourceCodeHtml: sourceCodeHtml,
-      langExtension: opt_langExtension
-    };
-    applyDecorator(job);
-    return job.prettyPrintedHtml;
-  }
-
-  function prettyPrint(opt_whenDone) {
-    var isIE678 = window['_pr_isIE6']();
-    var ieNewline = isIE678 === 6 ? '\r\n' : '\r';
-    // See bug 71 and http://stackoverflow.com/questions/136443/why-doesnt-ie7-
-
-    // fetch a list of nodes to rewrite
-    var codeSegments = [
-        document.getElementsByTagName('pre'),
-        document.getElementsByTagName('code'),
-        document.getElementsByTagName('td'),  /* ND Change: Add tables to support prototypes. */
-        document.getElementsByTagName('xmp') ];
-    var elements = [];
-    for (var i = 0; i < codeSegments.length; ++i) {
-      for (var j = 0, n = codeSegments[i].length; j < n; ++j) {
-        elements.push(codeSegments[i][j]);
-      }
-    }
-    codeSegments = null;
-
-    var clock = Date;
-    if (!clock['now']) {
-      clock = { 'now': function () { return (new Date).getTime(); } };
-    }
-
-    // The loop is broken into a series of continuations to make sure that we
-    // don't make the browser unresponsive when rewriting a large page.
-    var k = 0;
-    var prettyPrintingJob;
-
-    function doWork() {
-      var endTime = (window['PR_SHOULD_USE_CONTINUATION'] ?
-                     clock.now() + 250 /* ms */ :
-                     Infinity);
-      for (; k < elements.length && clock.now() < endTime; k++) {
-        var cs = elements[k];
-        if (cs.className && cs.className.indexOf('prettyprint') >= 0) {
-          // If the classes includes a language extensions, use it.
-          // Language extensions can be specified like
-          //     <pre class="prettyprint lang-cpp">
-          // the language extension "cpp" is used to find a language handler as
-          // passed to PR_registerLangHandler.
-          var langExtension = cs.className.match(/\blang-(\w+)\b/);
-          if (langExtension) { langExtension = langExtension[1]; }
-
-          // make sure this is not nested in an already prettified element
-          var nested = false;
-          for (var p = cs.parentNode; p; p = p.parentNode) {
-            if ((p.tagName === 'pre' || p.tagName === 'code' ||
-                 p.tagName === 'xmp' || p.tagName === 'td') &&  /* ND Change: Add tables to support prototypes */
-                p.className && p.className.indexOf('prettyprint') >= 0) {
-              nested = true;
-              break;
-            }
-          }
-          if (!nested) {
-            // fetch the content as a snippet of properly escaped HTML.
-            // Firefox adds newlines at the end.
-            var content = getInnerHtml(cs);
-            content = content.replace(/(?:\r\n?|\n)$/, '');
-
-	  		/* ND Change: we need to preserve &nbsp;s so change them to a special character instead of a space. */
-			content = content.replace(/&nbsp;/g, '\x11');
-
-            // do the pretty printing
-            prettyPrintingJob = {
-              sourceCodeHtml: content,
-              langExtension: langExtension,
-              sourceNode: cs
-            };
-            applyDecorator(prettyPrintingJob);
-            replaceWithPrettyPrintedHtml();
-          }
-        }
-      }
-      if (k < elements.length) {
-        // finish up in a continuation
-        setTimeout(doWork, 250);
-      } else if (opt_whenDone) {
-        opt_whenDone();
-      }
-    }
-
-    function replaceWithPrettyPrintedHtml() {
-      var newContent = prettyPrintingJob.prettyPrintedHtml;
-      if (!newContent) { return; }
-
-      /* ND Change: Restore the preserved &nbsp;s.  */
-	  newContent = newContent.replace(/\x11/g, '&nbsp;');
-
-      var cs = prettyPrintingJob.sourceNode;
-
-      // push the prettified html back into the tag.
-      if (!isRawContent(cs)) {
-        // just replace the old html with the new
-        cs.innerHTML = newContent;
-      } else {
-        // we need to change the tag to a <pre> since <xmp>s do not allow
-        // embedded tags such as the span tags used to attach styles to
-        // sections of source code.
-        var pre = document.createElement('PRE');
-        for (var i = 0; i < cs.attributes.length; ++i) {
-          var a = cs.attributes[i];
-          if (a.specified) {
-            var aname = a.name.toLowerCase();
-            if (aname === 'class') {
-              pre.className = a.value;  // For IE 6
-            } else {
-              pre.setAttribute(a.name, a.value);
-            }
-          }
-        }
-        pre.innerHTML = newContent;
-
-        // remove the old
-        cs.parentNode.replaceChild(pre, cs);
-        cs = pre;
-      }
-
-      // Replace <br>s with line-feeds so that copying and pasting works
-      // on IE 6.
-      // Doing this on other browsers breaks lots of stuff since \r\n is
-      // treated as two newlines on Firefox, and doing this also slows
-      // down rendering.
-      if (isIE678 && cs.tagName === 'PRE') {
-        var lineBreaks = cs.getElementsByTagName('br');
-        for (var j = lineBreaks.length; --j >= 0;) {
-          var lineBreak = lineBreaks[j];
-          lineBreak.parentNode.replaceChild(
-              document.createTextNode(ieNewline), lineBreak);
-        }
-      }
-    }
-
-    doWork();
-  }
-
-  window['PR_normalizedHtml'] = normalizedHtml;
-  window['prettyPrintOne'] = prettyPrintOne;
-  window['prettyPrint'] = prettyPrint;
-  window['PR'] = {
-        'combinePrefixPatterns': combinePrefixPatterns,
-        'createSimpleLexer': createSimpleLexer,
-        'registerLangHandler': registerLangHandler,
-        'sourceDecorator': sourceDecorator,
-        'PR_ATTRIB_NAME': PR_ATTRIB_NAME,
-        'PR_ATTRIB_VALUE': PR_ATTRIB_VALUE,
-        'PR_COMMENT': PR_COMMENT,
-        'PR_DECLARATION': PR_DECLARATION,
-        'PR_KEYWORD': PR_KEYWORD,
-        'PR_LITERAL': PR_LITERAL,
-        'PR_NOCODE': PR_NOCODE,
-        'PR_PLAIN': PR_PLAIN,
-        'PR_PUNCTUATION': PR_PUNCTUATION,
-        'PR_SOURCE': PR_SOURCE,
-        'PR_STRING': PR_STRING,
-        'PR_TAG': PR_TAG,
-        'PR_TYPE': PR_TYPE
-      };
-})();
-
-
-// ____________________________________________________________________________
-
-
-
-// Lua extension
-
-PR.registerLangHandler(PR.createSimpleLexer([[PR.PR_PLAIN,/^[\t\n\r \xA0]+/,null,'	\n\r \xa0'],[PR.PR_STRING,/^(?:\"(?:[^\"\\]|\\[\s\S])*(?:\"|$)|\'(?:[^\'\\]|\\[\s\S])*(?:\'|$))/,null,'\"\'']],[[PR.PR_COMMENT,/^--(?:\[(=*)\[[\s\S]*?(?:\]\1\]|$)|[^\r\n]*)/],[PR.PR_STRING,/^\[(=*)\[[\s\S]*?(?:\]\1\]|$)/],[PR.PR_KEYWORD,/^(?:and|break|do|else|elseif|end|false|for|function|if|in|local|nil|not|or|repeat|return|then|true|until|while)\b/,null],[PR.PR_LITERAL,/^[+-]?(?:0x[\da-f]+|(?:(?:\.\d+|\d+(?:\.\d*)?)(?:e[+\-]?\d+)?))/i],[PR.PR_PLAIN,/^[a-z_]\w*/i],[PR.PR_PUNCTUATION,/^[^\w\t\n\r \xA0][^\w\t\n\r \xA0\"\'\-\+=]*/]]),['lua'])
-
-
-// Haskell extension
-
-PR.registerLangHandler(PR.createSimpleLexer([[PR.PR_PLAIN,/^[\t\n\x0B\x0C\r ]+/,null,'	\n\r '],[PR.PR_STRING,/^\"(?:[^\"\\\n\x0C\r]|\\[\s\S])*(?:\"|$)/,null,'\"'],[PR.PR_STRING,/^\'(?:[^\'\\\n\x0C\r]|\\[^&])\'?/,null,'\''],[PR.PR_LITERAL,/^(?:0o[0-7]+|0x[\da-f]+|\d+(?:\.\d+)?(?:e[+\-]?\d+)?)/i,null,'0123456789']],[[PR.PR_COMMENT,/^(?:(?:--+(?:[^\r\n\x0C]*)?)|(?:\{-(?:[^-]|-+[^-\}])*-\}))/],[PR.PR_KEYWORD,/^(?:case|class|data|default|deriving|do|else|if|import|in|infix|infixl|infixr|instance|let|module|newtype|of|then|type|where|_)(?=[^a-zA-Z0-9\']|$)/,null],[PR.PR_PLAIN,/^(?:[A-Z][\w\']*\.)*[a-zA-Z][\w\']*/],[PR.PR_PUNCTUATION,/^[^\t\n\x0B\x0C\r a-zA-Z0-9\'\"]+/]]),['hs'])
-
-
-// ML extension
-
-PR.registerLangHandler(PR.createSimpleLexer([[PR.PR_PLAIN,/^[\t\n\r \xA0]+/,null,'	\n\r \xa0'],[PR.PR_COMMENT,/^#(?:if[\t\n\r \xA0]+(?:[a-z_$][\w\']*|``[^\r\n\t`]*(?:``|$))|else|endif|light)/i,null,'#'],[PR.PR_STRING,/^(?:\"(?:[^\"\\]|\\[\s\S])*(?:\"|$)|\'(?:[^\'\\]|\\[\s\S])*(?:\'|$))/,null,'\"\'']],[[PR.PR_COMMENT,/^(?:\/\/[^\r\n]*|\(\*[\s\S]*?\*\))/],[PR.PR_KEYWORD,/^(?:abstract|and|as|assert|begin|class|default|delegate|do|done|downcast|downto|elif|else|end|exception|extern|false|finally|for|fun|function|if|in|inherit|inline|interface|internal|lazy|let|match|member|module|mutable|namespace|new|null|of|open|or|override|private|public|rec|return|static|struct|then|to|true|try|type|upcast|use|val|void|when|while|with|yield|asr|land|lor|lsl|lsr|lxor|mod|sig|atomic|break|checked|component|const|constraint|constructor|continue|eager|event|external|fixed|functor|global|include|method|mixin|object|parallel|process|protected|pure|sealed|trait|virtual|volatile)\b/],[PR.PR_LITERAL,/^[+\-]?(?:0x[\da-f]+|(?:(?:\.\d+|\d+(?:\.\d*)?)(?:e[+\-]?\d+)?))/i],[PR.PR_PLAIN,/^(?:[a-z_]\w*[!?#]?|``[^\r\n\t`]*(?:``|$))/i],[PR.PR_PUNCTUATION,/^[^\t\n\r \xA0\"\'\w]+/]]),['fs','ml'])
-
-
-// SQL extension
-
-PR.registerLangHandler(PR.createSimpleLexer([[PR.PR_PLAIN,/^[\t\n\r \xA0]+/,null,'	\n\r \xa0'],[PR.PR_STRING,/^(?:"(?:[^\"\\]|\\.)*"|'(?:[^\'\\]|\\.)*')/,null,'\"\'']],[[PR.PR_COMMENT,/^(?:--[^\r\n]*|\/\*[\s\S]*?(?:\*\/|$))/],[PR.PR_KEYWORD,/^(?:ADD|ALL|ALTER|AND|ANY|AS|ASC|AUTHORIZATION|BACKUP|BEGIN|BETWEEN|BREAK|BROWSE|BULK|BY|CASCADE|CASE|CHECK|CHECKPOINT|CLOSE|CLUSTERED|COALESCE|COLLATE|COLUMN|COMMIT|COMPUTE|CONSTRAINT|CONTAINS|CONTAINSTABLE|CONTINUE|CONVERT|CREATE|CROSS|CURRENT|CURRENT_DATE|CURRENT_TIME|CURRENT_TIMESTAMP|CURRENT_USER|CURSOR|DATABASE|DBCC|DEALLOCATE|DECLARE|DEFAULT|DELETE|DENY|DESC|DISK|DISTINCT|DISTRIBUTED|DOUBLE|DROP|DUMMY|DUMP|ELSE|END|ERRLVL|ESCAPE|EXCEPT|EXEC|EXECUTE|EXISTS|EXIT|FETCH|FILE|FILLFACTOR|FOR|FOREIGN|FREETEXT|FREETEXTTABLE|FROM|FULL|FUNCTION|GOTO|GRANT|GROUP|HAVING|HOLDLOCK|IDENTITY|IDENTITYCOL|IDENTITY_INSERT|IF|IN|INDEX|INNER|INSERT|INTERSECT|INTO|IS|JOIN|KEY|KILL|LEFT|LIKE|LINENO|LOAD|NATIONAL|NOCHECK|NONCLUSTERED|NOT|NULL|NULLIF|OF|OFF|OFFSETS|ON|OPEN|OPENDATASOURCE|OPENQUERY|OPENROWSET|OPENXML|OPTION|OR|ORDER|OUTER|OVER|PERCENT|PLAN|PRECISION|PRIMARY|PRINT|PROC|PROCEDURE|PUBLIC|RAISERROR|READ|READTEXT|RECONFIGURE|REFERENCES|REPLICATION|RESTORE|RESTRICT|RETURN|REVOKE|RIGHT|ROLLBACK|ROWCOUNT|ROWGUIDCOL|RULE|SAVE|SCHEMA|SELECT|SESSION_USER|SET|SETUSER|SHUTDOWN|SOME|STATISTICS|SYSTEM_USER|TABLE|TEXTSIZE|THEN|TO|TOP|TRAN|TRANSACTION|TRIGGER|TRUNCATE|TSEQUAL|UNION|UNIQUE|UPDATE|UPDATETEXT|USE|USER|VALUES|VARYING|VIEW|WAITFOR|WHEN|WHERE|WHILE|WITH|WRITETEXT)(?=[^\w-]|$)/i,null],[PR.PR_LITERAL,/^[+-]?(?:0x[\da-f]+|(?:(?:\.\d+|\d+(?:\.\d*)?)(?:e[+\-]?\d+)?))/i],[PR.PR_PLAIN,/^[a-z_][\w-]*/i],[PR.PR_PUNCTUATION,/^[^\w\t\n\r \xA0\"\'][^\w\t\n\r \xA0+\-\"\']*/]]),['sql'])
-
-
-// VB extension
-
-PR.registerLangHandler(PR.createSimpleLexer([[PR.PR_PLAIN,/^[\t\n\r \xA0\u2028\u2029]+/,null,'	\n\r \xa0\u2028\u2029'],[PR.PR_STRING,/^(?:[\"\u201C\u201D](?:[^\"\u201C\u201D]|[\"\u201C\u201D]{2})(?:[\"\u201C\u201D]c|$)|[\"\u201C\u201D](?:[^\"\u201C\u201D]|[\"\u201C\u201D]{2})*(?:[\"\u201C\u201D]|$))/i,null,'\"\u201c\u201d'],[PR.PR_COMMENT,/^[\'\u2018\u2019][^\r\n\u2028\u2029]*/,null,'\'\u2018\u2019']],[[PR.PR_KEYWORD,/^(?:AddHandler|AddressOf|Alias|And|AndAlso|Ansi|As|Assembly|Auto|Boolean|ByRef|Byte|ByVal|Call|Case|Catch|CBool|CByte|CChar|CDate|CDbl|CDec|Char|CInt|Class|CLng|CObj|Const|CShort|CSng|CStr|CType|Date|Decimal|Declare|Default|Delegate|Dim|DirectCast|Do|Double|Each|Else|ElseIf|End|EndIf|Enum|Erase|Error|Event|Exit|Finally|For|Friend|Function|Get|GetType|GoSub|GoTo|Handles|If|Implements|Imports|In|Inherits|Integer|Interface|Is|Let|Lib|Like|Long|Loop|Me|Mod|Module|MustInherit|MustOverride|MyBase|MyClass|Namespace|New|Next|Not|NotInheritable|NotOverridable|Object|On|Option|Optional|Or|OrElse|Overloads|Overridable|Overrides|ParamArray|Preserve|Private|Property|Protected|Public|RaiseEvent|ReadOnly|ReDim|RemoveHandler|Resume|Return|Select|Set|Shadows|Shared|Short|Single|Static|Step|Stop|String|Structure|Sub|SyncLock|Then|Throw|To|Try|TypeOf|Unicode|Until|Variant|Wend|When|While|With|WithEvents|WriteOnly|Xor|EndIf|GoSub|Let|Variant|Wend)\b/i,null],[PR.PR_COMMENT,/^REM[^\r\n\u2028\u2029]*/i],[PR.PR_LITERAL,/^(?:True\b|False\b|Nothing\b|\d+(?:E[+\-]?\d+[FRD]?|[FRDSIL])?|(?:&H[0-9A-F]+|&O[0-7]+)[SIL]?|\d*\.\d+(?:E[+\-]?\d+)?[FRD]?|#\s+(?:\d+[\-\/]\d+[\-\/]\d+(?:\s+\d+:\d+(?::\d+)?(\s*(?:AM|PM))?)?|\d+:\d+(?::\d+)?(\s*(?:AM|PM))?)\s+#)/i],[PR.PR_PLAIN,/^(?:(?:[a-z]|_\w)\w*|\[(?:[a-z]|_\w)\w*\])/i],[PR.PR_PUNCTUATION,/^[^\w\t\n\r \"\'\[\]\xA0\u2018\u2019\u201C\u201D\u2028\u2029]+/],[PR.PR_PUNCTUATION,/^(?:\[|\])/]]),['vb','vbs'])
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/searchdata.js b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/searchdata.js
deleted file mode 100644
index 229a815f..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/javascript/searchdata.js
+++ /dev/null
@@ -1,122 +0,0 @@
-var indexSectionsWithContent = {
-   "General": {
-      "Symbols": false,
-      "Numbers": false,
-      "A": true,
-      "B": false,
-      "C": true,
-      "D": false,
-      "E": false,
-      "F": true,
-      "G": true,
-      "H": false,
-      "I": true,
-      "J": false,
-      "K": false,
-      "L": true,
-      "M": false,
-      "N": false,
-      "O": true,
-      "P": false,
-      "Q": false,
-      "R": true,
-      "S": false,
-      "T": false,
-      "U": true,
-      "V": true,
-      "W": false,
-      "X": false,
-      "Y": false,
-      "Z": false
-      },
-   "Variables": {
-      "Symbols": false,
-      "Numbers": false,
-      "A": false,
-      "B": false,
-      "C": true,
-      "D": false,
-      "E": false,
-      "F": false,
-      "G": false,
-      "H": false,
-      "I": true,
-      "J": false,
-      "K": false,
-      "L": false,
-      "M": false,
-      "N": false,
-      "O": false,
-      "P": false,
-      "Q": false,
-      "R": true,
-      "S": false,
-      "T": false,
-      "U": false,
-      "V": false,
-      "W": false,
-      "X": false,
-      "Y": false,
-      "Z": false
-      },
-   "Functions": {
-      "Symbols": false,
-      "Numbers": false,
-      "A": true,
-      "B": false,
-      "C": true,
-      "D": false,
-      "E": false,
-      "F": true,
-      "G": true,
-      "H": false,
-      "I": true,
-      "J": false,
-      "K": false,
-      "L": true,
-      "M": false,
-      "N": false,
-      "O": true,
-      "P": false,
-      "Q": false,
-      "R": true,
-      "S": false,
-      "T": false,
-      "U": true,
-      "V": false,
-      "W": false,
-      "X": false,
-      "Y": false,
-      "Z": false
-      },
-   "Files": {
-      "Symbols": false,
-      "Numbers": false,
-      "A": false,
-      "B": false,
-      "C": true,
-      "D": false,
-      "E": false,
-      "F": false,
-      "G": false,
-      "H": false,
-      "I": false,
-      "J": false,
-      "K": false,
-      "L": false,
-      "M": false,
-      "N": false,
-      "O": false,
-      "P": false,
-      "Q": false,
-      "R": false,
-      "S": false,
-      "T": false,
-      "U": false,
-      "V": false,
-      "W": false,
-      "X": false,
-      "Y": false,
-      "Z": false
-      }
-   }
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FilesC.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FilesC.html
deleted file mode 100644
index 9b13d7ea..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FilesC.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_csrfprotector_perphp><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#csrfprotector.php" target=_parent class=ISymbol>csrfprotector.php</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsA.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsA.html
deleted file mode 100644
index 2a3a150e..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsA.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_authorisePost><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#authorisePost" target=_parent class=ISymbol>authorisePost</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsC.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsC.html
deleted file mode 100644
index c02adb84..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsC.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_createNewJsCache><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#createNewJsCache" target=_parent class=ISymbol>createNewJsCache</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsF.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsF.html
deleted file mode 100644
index 88d09287..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsF.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_failedValidationAction><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#failedValidationAction" target=_parent class=ISymbol>failedValidationAction</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsG.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsG.html
deleted file mode 100644
index 4c9b125a..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsG.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_generateAuthToken><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#generateAuthToken" target=_parent class=ISymbol>generateAuthToken</a></div></div><div class=SRResult id=SR_getCurrentUrl><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#getCurrentUrl" target=_parent class=ISymbol>getCurrentUrl</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsI.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsI.html
deleted file mode 100644
index 9dc7a592..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsI.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_init><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#init" target=_parent class=ISymbol>init</a></div></div><div class=SRResult id=SR_isURLallowed><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#isURLallowed" target=_parent class=ISymbol>isURLallowed</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsL.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsL.html
deleted file mode 100644
index c2cbb504..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsL.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_logCSRFattack><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#logCSRFattack" target=_parent class=ISymbol>logCSRFattack</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsO.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsO.html
deleted file mode 100644
index 0c67005f..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsO.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_ob_undhandler><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#ob_handler" target=_parent class=ISymbol>ob_handler</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsR.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsR.html
deleted file mode 100644
index c25cffe0..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsR.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_refreshToken><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#refreshToken" target=_parent class=ISymbol>refreshToken</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsU.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsU.html
deleted file mode 100644
index a43aa753..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/FunctionsU.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_useCachedVersion><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#useCachedVersion" target=_parent class=ISymbol>useCachedVersion</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralA.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralA.html
deleted file mode 100644
index 2a3a150e..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralA.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_authorisePost><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#authorisePost" target=_parent class=ISymbol>authorisePost</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralC.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralC.html
deleted file mode 100644
index edb09c50..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralC.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_config><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$config" target=_parent class=ISymbol>config</a></div></div><div class=SRResult id=SR_cookieExpiryTime><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$cookieExpiryTime" target=_parent class=ISymbol>cookieExpiryTime</a></div></div><div class=SRResult id=SR_createNewJsCache><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#createNewJsCache" target=_parent class=ISymbol>createNewJsCache</a></div></div><div class=SRResult id=SR_csrfprotector_perphp><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#csrfprotector.php" target=_parent class=ISymbol>csrfprotector.php</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralF.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralF.html
deleted file mode 100644
index b624d11b..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralF.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_failedValidationAction><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#failedValidationAction" target=_parent class=ISymbol>failedValidationAction</a></div></div><div class=SRResult id=SR_Functions><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#Functions" target=_parent class=ISymbol>Functions</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralG.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralG.html
deleted file mode 100644
index 4c9b125a..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralG.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_generateAuthToken><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#generateAuthToken" target=_parent class=ISymbol>generateAuthToken</a></div></div><div class=SRResult id=SR_getCurrentUrl><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#getCurrentUrl" target=_parent class=ISymbol>getCurrentUrl</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralI.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralI.html
deleted file mode 100644
index 0bdb7a47..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralI.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_init><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#init" target=_parent class=ISymbol>init</a></div></div><div class=SRResult id=SR_isSameOrigin><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$isSameOrigin" target=_parent class=ISymbol>isSameOrigin</a></div></div><div class=SRResult id=SR_isURLallowed><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#isURLallowed" target=_parent class=ISymbol>isURLallowed</a></div></div><div class=SRResult id=SR_isValidHTML><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$isValidHTML" target=_parent class=ISymbol>isValidHTML</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralL.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralL.html
deleted file mode 100644
index c2cbb504..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralL.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_logCSRFattack><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#logCSRFattack" target=_parent class=ISymbol>logCSRFattack</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralO.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralO.html
deleted file mode 100644
index 0c67005f..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralO.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_ob_undhandler><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#ob_handler" target=_parent class=ISymbol>ob_handler</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralR.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralR.html
deleted file mode 100644
index e6d917c1..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralR.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_refreshToken><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#refreshToken" target=_parent class=ISymbol>refreshToken</a></div></div><div class=SRResult id=SR_requestType><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$requestType" target=_parent class=ISymbol>requestType</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralU.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralU.html
deleted file mode 100644
index a43aa753..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralU.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_useCachedVersion><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#useCachedVersion" target=_parent class=ISymbol>useCachedVersion</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralV.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralV.html
deleted file mode 100644
index ce09ee7c..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/GeneralV.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_Variables><div class=IEntry><a href="../files/libs/csrf/csrfprotector-php.html#Variables" target=_parent class=ISymbol>Variables</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/NoResults.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/NoResults.html
deleted file mode 100644
index 8c724966..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/NoResults.html
+++ /dev/null
@@ -1,15 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=NoMatches>No Matches</div></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesC.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesC.html
deleted file mode 100644
index 8b8dc9dc..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesC.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_config><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$config" target=_parent class=ISymbol>config</a></div></div><div class=SRResult id=SR_cookieExpiryTime><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$cookieExpiryTime" target=_parent class=ISymbol>cookieExpiryTime</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesI.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesI.html
deleted file mode 100644
index a32aac1d..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesI.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_isSameOrigin><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$isSameOrigin" target=_parent class=ISymbol>isSameOrigin</a></div></div><div class=SRResult id=SR_isValidHTML><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$isValidHTML" target=_parent class=ISymbol>isValidHTML</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesR.html b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesR.html
deleted file mode 100644
index 3a06b30e..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/search/VariablesR.html
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
-
-<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><link rel="stylesheet" type="text/css" href="../styles/main.css"><script language=JavaScript src="../javascript/main.js"></script></head><body class="PopupSearchResultsPage" onLoad="NDOnLoad()"><script language=JavaScript><!--
-if (browserType) {document.write("<div class=" + browserType + ">");if (browserVer) {document.write("<div class=" + browserVer + ">"); }}// --></script>
-
-<!--  Generated by Natural Docs, version 1.52 -->
-<!--  http://www.naturaldocs.org  -->
-
-<!-- saved from url=(0026)http://www.naturaldocs.org -->
-
-
-
-
-<div id=Index><div class=SRStatus id=Loading>Loading...</div><table border=0 cellspacing=0 cellpadding=0><div class=SRResult id=SR_requestType><div class=IEntry><span class=ISymbolPrefix>$</span><a href="../files/libs/csrf/csrfprotector-php.html#$requestType" target=_parent class=ISymbol>requestType</a></div></div></table><div class=SRStatus id=Searching>Searching...</div><div class=SRStatus id=NoMatches>No Matches</div><script type="text/javascript"><!--
-document.getElementById("Loading").style.display="none";
-document.getElementById("NoMatches").style.display="none";
-var searchResults = new SearchResults("searchResults", "HTML");
-searchResults.Search();
---></script></div><script language=JavaScript><!--
-if (browserType) {if (browserVer) {document.write("</div>"); }document.write("</div>");}// --></script></body></html>
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/styles/main.css b/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/styles/main.css
deleted file mode 100644
index 1832d8f3..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/docs/styles/main.css
+++ /dev/null
@@ -1,824 +0,0 @@
-/*
-   IMPORTANT: If you're editing this file in the output directory of one of
-   your projects, your changes will be overwritten the next time you run
-   Natural Docs.  Instead, copy this file to your project directory, make your
-   changes, and you can use it with -s.  Even better would be to make a CSS
-   file in your project directory with only your changes, which you can then
-   use with -s [original style] [your changes].
-
-   On the other hand, if you're editing this file in the Natural Docs styles
-   directory, the changes will automatically be applied to all your projects
-   that use this style the next time Natural Docs is run on them.
-
-   This file is part of Natural Docs, which is Copyright  2003-2010 Greg Valure.
-   Natural Docs is licensed under version 3 of the GNU Affero General Public
-   License (AGPL).  Refer to License.txt for the complete details.
-
-   This file may be distributed with documentation files generated by Natural Docs.
-   Such documentation is not covered by Natural Docs' copyright and licensing,
-   and may have its own copyright and distribution terms as decided by its author.
-*/
-
-body {
-    font: 8pt Verdana, Arial, sans-serif;
-    color: #000000;
-    margin: 0; padding: 0;
-    }
-
-.ContentPage,
-.IndexPage,
-.FramedMenuPage {
-    background-color: #E8E8E8;
-    }
-.FramedContentPage,
-.FramedIndexPage,
-.FramedSearchResultsPage,
-.PopupSearchResultsPage {
-    background-color: #FFFFFF;
-    }
-
-
-a:link,
-a:visited { color: #900000; text-decoration: none }
-a:hover { color: #900000; text-decoration: underline }
-a:active { color: #FF0000; text-decoration: underline }
-
-td {
-    vertical-align: top }
-
-img { border: 0;  }
-
-
-/*
-    Comment out this line to use web-style paragraphs (blank line between
-    paragraphs, no indent) instead of print-style paragraphs (no blank line,
-    indented.)
-*/
-p {
-    text-indent: 5ex; margin: 0 }
-
-
-/*  Opera doesn't break with just wbr, but will if you add this.  */
-.Opera wbr:after {
-	content: "\00200B";
-	}
-
-/*  Blockquotes are used as containers for things that may need to scroll.  */
-blockquote {
-    padding: 0;
-    margin: 0;
-    overflow: auto;
-    }
-
-
-.Firefox1 blockquote {
-    padding-bottom: .5em;
-    }
-
-/*  Turn off scrolling when printing.  */
-@media print {
-    blockquote {
-        overflow: visible;
-        }
-    .IE blockquote {
-        width: auto;
-        }
-    }
-
-
-
-#Menu {
-    font-size: 8pt;
-    padding: 10px 0 0 0;
-    }
-.ContentPage #Menu,
-.IndexPage #Menu {
-    position: absolute;
-    top: 0;
-    left: 0;
-    width: 31ex;
-    overflow: hidden;
-    }
-.ContentPage .Firefox #Menu,
-.IndexPage .Firefox #Menu {
-    width: 27ex;
-    }
-
-
-    .MTitle {
-        font-size: 16pt; font-weight: bold; font-variant: small-caps;
-        text-align: center;
-        padding: 5px 10px 15px 10px;
-        border-bottom: 1px dotted #000000;
-        margin-bottom: 15px }
-
-    .MSubTitle {
-        font-size: 9pt; font-weight: normal; font-variant: normal;
-        margin-top: 1ex; margin-bottom: 5px }
-
-
-    .MEntry a:link,
-    .MEntry a:hover,
-    .MEntry a:visited { color: #606060; margin-right: 0 }
-    .MEntry a:active { color: #A00000; margin-right: 0 }
-
-
-    .MGroup {
-        font-variant: small-caps; font-weight: bold;
-        margin: 1em 0 1em 10px;
-        }
-
-    .MGroupContent {
-        font-variant: normal; font-weight: normal }
-
-    .MGroup a:link,
-    .MGroup a:hover,
-    .MGroup a:visited { color: #545454; margin-right: 10px }
-    .MGroup a:active { color: #A00000; margin-right: 10px }
-
-
-    .MFile,
-    .MText,
-    .MLink,
-    .MIndex {
-        padding: 1px 17px 2px 10px;
-        margin: .25em 0 .25em 0;
-        }
-
-    .MText {
-        font-size: 8pt; font-style: italic }
-
-    .MLink {
-        font-style: italic }
-
-    #MSelected {
-        color: #000000; background-color: #FFFFFF;
-        /*  Replace padding with border.  */
-        padding: 0 10px 0 10px;
-        border-width: 1px 2px 2px 0; border-style: solid; border-color: #000000;
-        margin-right: 5px;
-        }
-
-    /*  Close off the left side when its in a group.  */
-    .MGroup #MSelected {
-        padding-left: 9px; border-left-width: 1px }
-
-    /*  A treat for Mozilla users.  Blatantly non-standard.  Will be replaced with CSS 3 attributes when finalized/supported.  */
-    .Firefox #MSelected {
-        -moz-border-radius-topright: 10px;
-        -moz-border-radius-bottomright: 10px }
-    .Firefox .MGroup #MSelected {
-        -moz-border-radius-topleft: 10px;
-        -moz-border-radius-bottomleft: 10px }
-
-
-    #MSearchPanel {
-        padding: 0px 6px;
-        margin: .25em 0;
-        }
-
-
-    #MSearchField {
-        font: italic 8pt Verdana, sans-serif;
-        color: #606060;
-        background-color: #E8E8E8;
-        border: none;
-        padding: 2px 4px;
-        width: 100%;
-        }
-    /* Only Opera gets it right. */
-    .Firefox #MSearchField,
-    .IE #MSearchField,
-    .Safari #MSearchField {
-        width: 94%;
-        }
-    .Opera9 #MSearchField,
-    .Konqueror #MSearchField {
-        width: 97%;
-        }
-    .FramedMenuPage .Firefox #MSearchField,
-    .FramedMenuPage .Safari #MSearchField,
-    .FramedMenuPage .Konqueror #MSearchField {
-        width: 98%;
-        }
-
-    /* Firefox doesn't do this right in frames without #MSearchPanel added on.
-        It's presence doesn't hurt anything other browsers. */
-    #MSearchPanel.MSearchPanelInactive:hover #MSearchField {
-        background-color: #FFFFFF;
-        border: 1px solid #C0C0C0;
-        padding: 1px 3px;
-        }
-    .MSearchPanelActive #MSearchField {
-        background-color: #FFFFFF;
-        border: 1px solid #C0C0C0;
-        font-style: normal;
-        padding: 1px 3px;
-        }
-
-    #MSearchType {
-        visibility: hidden;
-        font: 8pt Verdana, sans-serif;
-        width: 98%;
-        padding: 0;
-        border: 1px solid #C0C0C0;
-        }
-    .MSearchPanelActive #MSearchType,
-    /*  As mentioned above, Firefox doesn't do this right in frames without #MSearchPanel added on. */
-    #MSearchPanel.MSearchPanelInactive:hover #MSearchType,
-    #MSearchType:focus {
-        visibility: visible;
-        color: #606060;
-        }
-    #MSearchType option#MSearchEverything {
-        font-weight: bold;
-        }
-
-    .Opera8 .MSearchPanelInactive:hover,
-    .Opera8 .MSearchPanelActive {
-        margin-left: -1px;
-        }
-
-
-    iframe#MSearchResults {
-        width: 60ex;
-        height: 15em;
-        }
-    #MSearchResultsWindow {
-        display: none;
-        position: absolute;
-        left: 0; top: 0;
-        border: 1px solid #000000;
-        background-color: #E8E8E8;
-        }
-    #MSearchResultsWindowClose {
-        font-weight: bold;
-        font-size: 8pt;
-        display: block;
-        padding: 2px 5px;
-        }
-    #MSearchResultsWindowClose:link,
-    #MSearchResultsWindowClose:visited {
-        color: #000000;
-        text-decoration: none;
-        }
-    #MSearchResultsWindowClose:active,
-    #MSearchResultsWindowClose:hover {
-        color: #800000;
-        text-decoration: none;
-        background-color: #F4F4F4;
-        }
-
-
-
-
-#Content {
-    padding-bottom: 15px;
-    }
-
-.ContentPage #Content {
-    border-width: 0 0 1px 1px;
-    border-style: solid;
-    border-color: #000000;
-    background-color: #FFFFFF;
-    font-size: 8pt;  /* To make 31ex match the menu's 31ex. */
-    margin-left: 31ex;
-    }
-.ContentPage .Firefox #Content {
-    margin-left: 27ex;
-    }
-
-
-
-    .CTopic {
-        font-size: 8pt;
-        margin-bottom: 3em;
-        }
-
-
-    .CTitle {
-        font-size: 11pt; font-weight: bold;
-        border-width: 0 0 1px 0; border-style: solid; border-color: #A0A0A0;
-        margin: 0 15px .5em 15px }
-
-    .CGroup .CTitle {
-        font-size: 16pt; font-variant: small-caps;
-        padding-left: 15px; padding-right: 15px;
-        border-width: 0 0 2px 0; border-color: #000000;
-        margin-left: 0; margin-right: 0 }
-
-    .CClass .CTitle,
-    .CInterface .CTitle,
-    .CDatabase .CTitle,
-    .CDatabaseTable .CTitle,
-    .CSection .CTitle {
-        font-size: 18pt;
-        color: #FFFFFF; background-color: #A0A0A0;
-        padding: 10px 15px 10px 15px;
-        border-width: 2px 0; border-color: #000000;
-        margin-left: 0; margin-right: 0 }
-
-    #MainTopic .CTitle {
-        font-size: 20pt;
-        color: #FFFFFF; background-color: #7070C0;
-        padding: 10px 15px 10px 15px;
-        border-width: 0 0 3px 0; border-color: #000000;
-        margin-left: 0; margin-right: 0 }
-
-    .CBody {
-        margin-left: 15px; margin-right: 15px }
-
-
-    .CToolTip {
-        position: absolute; visibility: hidden;
-        left: 0; top: 0;
-        background-color: #FFFFE0;
-        padding: 5px;
-        border-width: 1px 2px 2px 1px; border-style: solid; border-color: #000000;
-        font-size: 8pt;
-        }
-
-    .Opera .CToolTip {
-        max-width: 98%;
-        }
-
-    /*  Scrollbars would be useless.  */
-    .CToolTip blockquote {
-        overflow: hidden;
-        }
-    .IE6 .CToolTip blockquote {
-        overflow: visible;
-        }
-
-    .CHeading {
-        font-weight: bold; font-size: 9pt;
-        margin: 1.5em 0 .5em 0;
-        }
-
-    .CBody pre {
-        font: 8pt "Courier New", Courier, monospace;
-	    background-color: #FCFCFC;
-	    margin: 1em 35px;
-	    padding: 10px 15px 10px 10px;
-	    border-color: #E0E0E0 #E0E0E0 #E0E0E0 #E4E4E4;
-	    border-width: 1px 1px 1px 6px;
-	    border-style: dashed dashed dashed solid;
-        }
-
-    .CBody ul {
-        /*  I don't know why CBody's margin doesn't apply, but it's consistent across browsers so whatever.
-             Reapply it here as padding.  */
-        padding-left: 15px; padding-right: 15px;
-        margin: .5em 5ex .5em 5ex;
-        }
-
-    .CDescriptionList {
-        margin: .5em 5ex 0 5ex }
-
-        .CDLEntry {
-            font: 8pt "Courier New", Courier, monospace; color: #808080;
-            padding-bottom: .25em;
-            white-space: nowrap }
-
-        .CDLDescription {
-            font-size: 8pt;  /*  For browsers that don't inherit correctly, like Opera 5.  */
-            padding-bottom: .5em; padding-left: 5ex }
-
-
-    .CTopic img {
-        text-align: center;
-        display: block;
-        margin: 1em auto;
-        }
-    .CImageCaption {
-        font-variant: small-caps;
-        font-size: 8pt;
-        color: #808080;
-        text-align: center;
-        position: relative;
-        top: 1em;
-        }
-
-    .CImageLink {
-        color: #808080;
-        font-style: italic;
-        }
-    a.CImageLink:link,
-    a.CImageLink:visited,
-    a.CImageLink:hover { color: #808080 }
-
-
-
-
-
-.Prototype {
-    font: 8pt "Courier New", Courier, monospace;
-    padding: 5px 3ex;
-    border-width: 1px; border-style: solid;
-    margin: 0 5ex 1.5em 5ex;
-    }
-
-    .Prototype td {
-        font-size: 8pt;
-        }
-
-    .PDefaultValue,
-    .PDefaultValuePrefix,
-    .PTypePrefix {
-        color: #8F8F8F;
-        }
-    .PTypePrefix {
-        text-align: right;
-        }
-    .PAfterParameters {
-        vertical-align: bottom;
-        }
-
-    .IE .Prototype table {
-        padding: 0;
-        }
-
-    .CFunction .Prototype {
-        background-color: #F4F4F4; border-color: #D0D0D0 }
-    .CProperty .Prototype {
-        background-color: #F4F4FF; border-color: #C0C0E8 }
-    .CVariable .Prototype {
-        background-color: #FFFFF0; border-color: #E0E0A0 }
-
-    .CClass .Prototype {
-        border-width: 1px 2px 2px 1px; border-style: solid; border-color: #A0A0A0;
-        background-color: #F4F4F4;
-        }
-    .CInterface .Prototype {
-        border-width: 1px 2px 2px 1px; border-style: solid; border-color: #A0A0D0;
-        background-color: #F4F4FF;
-        }
-
-    .CDatabaseIndex .Prototype,
-    .CConstant .Prototype {
-        background-color: #D0D0D0; border-color: #000000 }
-    .CType .Prototype,
-    .CEnumeration .Prototype {
-        background-color: #FAF0F0; border-color: #E0B0B0;
-        }
-    .CDatabaseTrigger .Prototype,
-    .CEvent .Prototype,
-    .CDelegate .Prototype {
-        background-color: #F0FCF0; border-color: #B8E4B8 }
-
-    .CToolTip .Prototype {
-        margin: 0 0 .5em 0;
-        white-space: nowrap;
-        }
-
-
-
-
-
-.Summary {
-    margin: 1.5em 5ex 0 5ex }
-
-    .STitle {
-        font-size: 11pt; font-weight: bold;
-        margin-bottom: .5em }
-
-
-    .SBorder {
-        background-color: #FFFFF0;
-        padding: 15px;
-        border: 1px solid #C0C060 }
-
-    /* In a frame IE 6 will make them too long unless you set the width to 100%.  Without frames it will be correct without a width
-        or slightly too long (but not enough to scroll) with a width.  This arbitrary weirdness simply astounds me.  IE 7 has the same
-        problem with frames, haven't tested it without.  */
-    .FramedContentPage .IE .SBorder {
-        width: 100% }
-
-    /*  A treat for Mozilla users.  Blatantly non-standard.  Will be replaced with CSS 3 attributes when finalized/supported.  */
-    .Firefox .SBorder {
-        -moz-border-radius: 20px }
-
-
-    .STable {
-        font-size: 8pt; width: 100% }
-
-    .SEntry {
-        width: 30% }
-    .SDescription {
-        width: 70% }
-
-
-    .SMarked {
-        background-color: #F8F8D8 }
-
-    .SDescription { padding-left: 2ex }
-    .SIndent1 .SEntry { padding-left: 1.5ex }   .SIndent1 .SDescription { padding-left: 3.5ex }
-    .SIndent2 .SEntry { padding-left: 3.0ex }   .SIndent2 .SDescription { padding-left: 5.0ex }
-    .SIndent3 .SEntry { padding-left: 4.5ex }   .SIndent3 .SDescription { padding-left: 6.5ex }
-    .SIndent4 .SEntry { padding-left: 6.0ex }   .SIndent4 .SDescription { padding-left: 8.0ex }
-    .SIndent5 .SEntry { padding-left: 7.5ex }   .SIndent5 .SDescription { padding-left: 9.5ex }
-
-    .SDescription a { color: #800000}
-    .SDescription a:active { color: #A00000 }
-
-    .SGroup td {
-        padding-top: .5em; padding-bottom: .25em }
-
-    .SGroup .SEntry {
-        font-weight: bold; font-variant: small-caps }
-
-    .SGroup .SEntry a { color: #800000 }
-    .SGroup .SEntry a:active { color: #F00000 }
-
-
-    .SMain td,
-    .SClass td,
-    .SDatabase td,
-    .SDatabaseTable td,
-    .SSection td {
-        font-size: 10pt;
-        padding-bottom: .25em }
-
-    .SClass td,
-    .SDatabase td,
-    .SDatabaseTable td,
-    .SSection td {
-        padding-top: 1em }
-
-    .SMain .SEntry,
-    .SClass .SEntry,
-    .SDatabase .SEntry,
-    .SDatabaseTable .SEntry,
-    .SSection .SEntry {
-        font-weight: bold;
-        }
-
-    .SMain .SEntry a,
-    .SClass .SEntry a,
-    .SDatabase .SEntry a,
-    .SDatabaseTable .SEntry a,
-    .SSection .SEntry a { color: #000000 }
-
-    .SMain .SEntry a:active,
-    .SClass .SEntry a:active,
-    .SDatabase .SEntry a:active,
-    .SDatabaseTable .SEntry a:active,
-    .SSection .SEntry a:active { color: #A00000 }
-
-
-
-
-
-.ClassHierarchy {
-    margin: 0 15px 1em 15px }
-
-    .CHEntry {
-        border-width: 1px 2px 2px 1px; border-style: solid; border-color: #A0A0A0;
-        margin-bottom: 3px;
-        padding: 2px 2ex;
-        font-size: 8pt;
-        background-color: #F4F4F4; color: #606060;
-        }
-
-    .Firefox .CHEntry {
-        -moz-border-radius: 4px;
-        }
-
-    .CHCurrent .CHEntry {
-        font-weight: bold;
-        border-color: #000000;
-        color: #000000;
-        }
-
-    .CHChildNote .CHEntry {
-        font-style: italic;
-        font-size: 8pt;
-        }
-
-    .CHIndent {
-        margin-left: 3ex;
-        }
-
-    .CHEntry a:link,
-    .CHEntry a:visited,
-    .CHEntry a:hover {
-        color: #606060;
-        }
-    .CHEntry a:active {
-        color: #800000;
-        }
-
-
-
-
-
-#Index {
-    background-color: #FFFFFF;
-    }
-
-/*  As opposed to .PopupSearchResultsPage #Index  */
-.IndexPage #Index,
-.FramedIndexPage #Index,
-.FramedSearchResultsPage #Index {
-    padding: 15px;
-    }
-
-.IndexPage #Index {
-    border-width: 0 0 1px 1px;
-    border-style: solid;
-    border-color: #000000;
-    font-size: 8pt;  /* To make 27ex match the menu's 27ex. */
-    margin-left: 27ex;
-    }
-
-
-    .IPageTitle {
-        font-size: 20pt; font-weight: bold;
-        color: #FFFFFF; background-color: #7070C0;
-        padding: 10px 15px 10px 15px;
-        border-width: 0 0 3px 0; border-color: #000000; border-style: solid;
-        margin: -15px -15px 0 -15px }
-
-    .FramedSearchResultsPage .IPageTitle {
-        margin-bottom: 15px;
-        }
-
-    .INavigationBar {
-        text-align: center;
-        background-color: #FFFFF0;
-        padding: 5px;
-        border-bottom: solid 1px black;
-        margin: 0 -15px 15px -15px;
-        }
-
-    .INavigationBar a {
-        font-weight: bold }
-
-    .IHeading {
-        font-size: 14pt; font-weight: bold;
-        padding: 2.5em 0 .5em 0;
-        text-align: center;
-        width: 3.5ex;
-        }
-    #IFirstHeading {
-        padding-top: 0;
-        }
-
-    .IEntry {
-        padding-left: 1ex;
-        }
-    .PopupSearchResultsPage .IEntry {
-        font-size: 8pt;
-        padding: 1px 5px;
-        }
-    .PopupSearchResultsPage .Opera9 .IEntry,
-    .FramedSearchResultsPage .Opera9 .IEntry {
-        text-align: left;
-        }
-    .FramedSearchResultsPage .IEntry {
-        padding: 0;
-        }
-
-    .ISubIndex {
-        padding-left: 3ex; padding-bottom: .5em }
-    .PopupSearchResultsPage .ISubIndex {
-        display: none;
-        }
-
-    /*  While it may cause some entries to look like links when they aren't, I found it's much easier to read the
-         index if everything's the same color.  */
-    .ISymbol {
-        font-weight: bold; color: #900000  }
-
-    .IndexPage .ISymbolPrefix,
-    .FramedIndexPage .ISymbolPrefix {
-        text-align: right;
-        color: #C47C7C;
-        background-color: #F8F8F8;
-        border-right: 3px solid #E0E0E0;
-        border-left: 1px solid #E0E0E0;
-        padding: 0 1px 0 2px;
-        }
-    .PopupSearchResultsPage .ISymbolPrefix,
-    .FramedSearchResultsPage .ISymbolPrefix {
-        color: #900000;
-        }
-    .PopupSearchResultsPage .ISymbolPrefix {
-        font-size: 8pt;
-        }
-
-    .IndexPage #IFirstSymbolPrefix,
-    .FramedIndexPage #IFirstSymbolPrefix {
-        border-top: 1px solid #E0E0E0;
-        }
-    .IndexPage #ILastSymbolPrefix,
-    .FramedIndexPage #ILastSymbolPrefix {
-        border-bottom: 1px solid #E0E0E0;
-        }
-    .IndexPage #IOnlySymbolPrefix,
-    .FramedIndexPage #IOnlySymbolPrefix {
-        border-top: 1px solid #E0E0E0;
-        border-bottom: 1px solid #E0E0E0;
-        }
-
-    a.IParent,
-    a.IFile {
-        display: block;
-        }
-
-    .PopupSearchResultsPage .SRStatus {
-        padding: 2px 5px;
-        font-size: 8pt;
-        font-style: italic;
-        }
-    .FramedSearchResultsPage .SRStatus {
-        font-size: 8pt;
-        font-style: italic;
-        }
-
-    .SRResult {
-        display: none;
-        }
-
-
-
-#Footer {
-    font-size: 8pt;
-    color: #989898;
-    text-align: right;
-    }
-
-#Footer p {
-    text-indent: 0;
-    margin-bottom: .5em;
-    }
-
-.ContentPage #Footer,
-.IndexPage #Footer {
-    text-align: right;
-    margin: 2px;
-    }
-
-.FramedMenuPage #Footer {
-    text-align: center;
-    margin: 5em 10px 10px 10px;
-    padding-top: 1em;
-    border-top: 1px solid #C8C8C8;
-    }
-
-    #Footer a:link,
-    #Footer a:hover,
-    #Footer a:visited { color: #989898 }
-    #Footer a:active { color: #A00000 }
-
-
-
-.prettyprint .kwd { color: #800000; }  /* keywords */
-
-    .prettyprint.PDefaultValue .kwd,
-    .prettyprint.PDefaultValuePrefix .kwd,
-    .prettyprint.PTypePrefix .kwd {
-        color: #C88F8F;
-        }
-
-.prettyprint .com { color: #008000; }  /* comments */
-
-    .prettyprint.PDefaultValue .com,
-    .prettyprint.PDefaultValuePrefix .com,
-    .prettyprint.PTypePrefix .com {
-        color: #8FC88F;
-        }
-
-.prettyprint .str { color: #0000B0; }  /* strings */
-.prettyprint .lit { color: #0000B0; }  /* literals */
-
-    .prettyprint.PDefaultValue .str,
-    .prettyprint.PDefaultValuePrefix .str,
-    .prettyprint.PTypePrefix .str,
-    .prettyprint.PDefaultValue .lit,
-    .prettyprint.PDefaultValuePrefix .lit,
-    .prettyprint.PTypePrefix .lit {
-        color: #8F8FC0;
-        }
-
-.prettyprint .typ { color: #000000; }  /* types */
-.prettyprint .pun { color: #000000; }  /* punctuation */
-.prettyprint .pln { color: #000000; }  /* punctuation */
-
-    .prettyprint.PDefaultValue .typ,
-    .prettyprint.PDefaultValuePrefix .typ,
-    .prettyprint.PTypePrefix .typ,
-    .prettyprint.PDefaultValue .pun,
-    .prettyprint.PDefaultValuePrefix .pun,
-    .prettyprint.PTypePrefix .pun,
-    .prettyprint.PDefaultValue .pln,
-    .prettyprint.PDefaultValuePrefix .pln,
-    .prettyprint.PTypePrefix .pln {
-        color: #8F8F8F;
-        }
-
-.prettyprint .tag { color: #008; }
-.prettyprint .atn { color: #606; }
-.prettyprint .atv { color: #080; }
-.prettyprint .dec { color: #606; }
-
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/js/README.md b/data/web/inc/lib/vendor/owasp/csrf-protector-php/js/README.md
deleted file mode 100644
index 9b9dbbc0..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/js/README.md
+++ /dev/null
@@ -1,15 +0,0 @@
-Compatiblity with different browsers
-===================================
-**OS: `windows`**<br>
-
-
- Cases               | IE (Win)   | Opera | Chrome | Mozilla | Safari 
- ------------------  | ------- | ----- | ------ | ------- | ------ 
- XHR wrapping        | ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)     | ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)      |     ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)   |    ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)     | ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)
- HTML dom-0 wrapping |   ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)   |    ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)   |    ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)    |     ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)    | ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)
- HTML dom-2 wrapping |   ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)    |    ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)   |   ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)     |      ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)   | ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png) 
- URL rewriting       |   ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)   |   ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)    |     ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)   |    ![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)     |![yes](https://cdn3.iconfinder.com/data/icons/fatcow/32/accept.png)
-
-<pre>Note: Missing tick means, this has not yet been implemented or tested</pre>
-
-
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/js/csrfprotector.js b/data/web/inc/lib/vendor/owasp/csrf-protector-php/js/csrfprotector.js
deleted file mode 100644
index aa548cb3..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/js/csrfprotector.js
+++ /dev/null
@@ -1,366 +0,0 @@
-/** 
- * =================================================================
- * Javascript code for OWASP CSRF Protector
- * Task it does: Fetch csrftoken from cookie, and attach it to every
- * 		POST request
- *		Allowed GET url
- *			-- XHR
- *			-- Static Forms
- *			-- URLS (GET only)
- *			-- dynamic forms
- * =================================================================
- */
-
-var CSRFP_FIELD_TOKEN_NAME = 'csrfp_hidden_data_token';
-var CSRFP_FIELD_URLS = 'csrfp_hidden_data_urls';
-
-var CSRFP = {
-	CSRFP_TOKEN: 'csrfp_token',
-	/**
-	 * Array of patterns of url, for which csrftoken need to be added
-	 * In case of GET request also, provided from server
-	 *
-	 * @var string array
-	 */
-	checkForUrls: [],
-	/**
-	 * Function to check if a certain url is allowed to perform the request
-	 * With or without csrf token
-	 *
-	 * @param: string, url
-	 *
-	 * @return: boolean, 	true if csrftoken is not needed
-	 * 						false if csrftoken is needed
-	 */
-	_isValidGetRequest: function(url) {
-		for (var i = 0; i < CSRFP.checkForUrls.length; i++) {
-			var match = CSRFP.checkForUrls[i].exec(url);
-			if (match !== null && match.length > 0) {
-				return false;
-			}
-		}
-		return true;
-	},
-	/** 
-	 * function to get Auth key from cookie Andreturn it to requesting function
-	 *
-	 * @param: void
-	 *
-	 * @return: string, csrftoken retrieved from cookie
-	 */
-	_getAuthKey: function() {
-		var re = new RegExp(CSRFP.CSRFP_TOKEN +"=([^;]+)(;|$)");
-		var RegExpArray = re.exec(document.cookie);
-		
-		if (RegExpArray === null) {
-			return false;
-		}
-		return RegExpArray[1];
-	},
-	/** 
-	 * Function to get domain of any url
-	 *
-	 * @param: string, url
-	 *
-	 * @return: string, domain of url
-	 */
-	_getDomain: function(url) {
-		if (url.indexOf("http://") !== 0 
-			&& url.indexOf("https://") !== 0)
-			return document.domain;
-		return /http(s)?:\/\/([^\/]+)/.exec(url)[2];
-	},
-	/**
-	 * Function to create and return a hidden input element
-	 * For stroing the CSRFP_TOKEN
-	 *
-	 * @param void
-	 *
-	 * @return input element
-	 */
-	_getInputElt: function() {
-		var hiddenObj = document.createElement("input");
-		hiddenObj.setAttribute('name', CSRFP.CSRFP_TOKEN);
-		hiddenObj.setAttribute('class', CSRFP.CSRFP_TOKEN);
-		hiddenObj.type = 'hidden';
-		hiddenObj.value = CSRFP._getAuthKey();
-		return hiddenObj;
-	},
-	/**
-	 * Returns absolute path for relative path
-	 * 
-	 * @param base, base url
-	 * @param relative, relative url
-	 *
-	 * @return absolute path (string)
-	 */
-	_getAbsolutePath: function(base, relative) {
-		var stack = base.split("/");
-		var parts = relative.split("/");
-		// remove current file name (or empty string)
-		// (omit if "base" is the current folder without trailing slash)
-		stack.pop(); 
-			 
-		for (var i = 0; i < parts.length; i++) {
-			if (parts[i] == ".")
-				continue;
-			if (parts[i] == "..")
-				stack.pop();
-			else
-				stack.push(parts[i]);
-		}
-		return stack.join("/");
-	},
-	/** 
-	 * Remove jcsrfp-token run fun and then put them back 
-	 *
-	 * @param function
-	 * @param reference form obj
-	 *
-	 * @retrun function
-	 */
-	_csrfpWrap: function(fun, obj) {
-		return function(event) {
-			// Remove CSRf token if exists
-			if (typeof obj[CSRFP.CSRFP_TOKEN] !== 'undefined') {
-				var target = obj[CSRFP.CSRFP_TOKEN];
-				target.parentNode.removeChild(target);
-			}
-			
-			// Trigger the functions
-			var result = fun.apply(this, [event]);
-			
-			// Now append the csrfp_token back
-			obj.appendChild(CSRFP._getInputElt());
-			
-			return result;
-		};
-	},
-	/**
-	 * Initialises the CSRFProtector js script
-	 *
-	 * @param void
-	 *
-	 * @return void
-	 */
-	_init: function() {
-		CSRFP.CSRFP_TOKEN = document.getElementById(CSRFP_FIELD_TOKEN_NAME).value;
-		try {
-			CSRFP.checkForUrls = JSON.parse(document.getElementById(CSRFP_FIELD_URLS).value);
-		} catch (err) {
-			console.error(err);
-			console.error('[ERROR] [CSRF Protector] unable to parse blacklisted url fields.');
-		}
-
-		//convert these rules received from php lib to regex objects
-		for (var i = 0; i < CSRFP.checkForUrls.length; i++) {
-			CSRFP.checkForUrls[i] = CSRFP.checkForUrls[i].replace(/\*/g, '(.*)')
-								.replace(/\//g, "\\/");
-			CSRFP.checkForUrls[i] = new RegExp(CSRFP.checkForUrls[i]);
-		}
-	
-	}
-	
-}; 
-
-//==========================================================
-// Adding tokens, wrappers on window onload
-//==========================================================
-
-function csrfprotector_init() {
-	
-	// Call the init funcion
-	CSRFP._init();
-
-	// definition of basic FORM submit event handler to intercept the form request
-	// and attach a CSRFP TOKEN if it's not already available
-	var BasicSubmitInterceptor = function(event) {
-		if (typeof event.target[CSRFP.CSRFP_TOKEN] === 'undefined') {
-			event.target.appendChild(CSRFP._getInputElt());
-		} else {
-			//modify token to latest value
-			event.target[CSRFP.CSRFP_TOKEN].value = CSRFP._getAuthKey();
-		}
-	}
-
-	//==================================================================
-	// Adding csrftoken to request resulting from <form> submissions
-	// Add for each POST, while for mentioned GET request
-	// TODO - check for method
-	//==================================================================
-	// run time binding
-	document.querySelector('body').addEventListener('submit', function(event) {
-		if (event.target.tagName.toLowerCase() === 'form') {
-			BasicSubmitInterceptor(event);
-		};
-	});
-
-	// intial binding
-	// for(var i = 0; i < document.forms.length; i++) {
-	// 	document.forms[i].addEventListener("submit", BasicSubmitInterceptor);
-	// }
-
-	//==================================================================
-	// Adding csrftoken to request resulting from direct form.submit() call
-	// Add for each POST, while for mentioned GET request
-	// TODO - check for form method
-	//==================================================================
-	HTMLFormElement.prototype.submit_ = HTMLFormElement.prototype.submit;
-	HTMLFormElement.prototype.submit = function() {
-		// check if the FORM already contains the token element
-		if (!this.getElementsByClassName(CSRFP.CSRFP_TOKEN).length)
-			this.appendChild(CSRFP._getInputElt());
-		this.submit_();
-	}
-
-
-	/**
-	 * Add wrapper for HTMLFormElements addEventListener so that any further 
-	 * addEventListens won't have trouble with CSRF token
-	 * todo - check for method
-	 */
-	HTMLFormElement.prototype.addEventListener_ = HTMLFormElement.prototype.addEventListener;
-	HTMLFormElement.prototype.addEventListener = function(eventType, fun, bubble) {
-		if (eventType === 'submit') {
-			var wrapped = CSRFP._csrfpWrap(fun, this);
-			this.addEventListener_(eventType, wrapped, bubble);
-		} else {
-			this.addEventListener_(eventType, fun, bubble);
-		}	
-	}
-
-	/**
-	 * Add wrapper for IE's attachEvent
-	 * todo - check for method
-	 * todo - typeof is now obselete for IE 11, use some other method.
-	 */
-	if (typeof HTMLFormElement.prototype.attachEvent !== 'undefined') {
-		HTMLFormElement.prototype.attachEvent_ = HTMLFormElement.prototype.attachEvent;
-		HTMLFormElement.prototype.attachEvent = function(eventType, fun) {
-			if (eventType === 'onsubmit') {
-				var wrapped = CSRFP._csrfpWrap(fun, this);
-				this.attachEvent_(eventType, wrapped);
-			} else {
-				this.attachEvent_(eventType, fun);
-			}
-		}
-	}
-
-
-	//==================================================================
-	// Wrapper for XMLHttpRequest & ActiveXObject (for IE 6 & below)
-	// Set X-No-CSRF to true before sending if request method is 
-	//==================================================================
-
-	/** 
-	 * Wrapper to XHR open method
-	 * Add a property method to XMLHttpRequst class
-	 * @param: all parameters to XHR open method
-	 * @return: object returned by default, XHR open method
-	 */
-	function new_open(method, url, async, username, password) {
-		this.method = method;
-		var isAbsolute = (url.indexOf("./") === -1) ? true : false;
-		if (!isAbsolute) {
-			var base = location.protocol +'//' +location.host 
-							+ location.pathname;
-			url = CSRFP._getAbsolutePath(base, url);
-		}
-		if (method.toLowerCase() === 'get' 
-			&& !CSRFP._isValidGetRequest(url)) {
-			//modify the url
-			if (url.indexOf('?') === -1) {
-				url += "?" +CSRFP.CSRFP_TOKEN +"=" +CSRFP._getAuthKey();
-			} else {
-				url += "&" +CSRFP.CSRFP_TOKEN +"=" +CSRFP._getAuthKey();
-			}
-		}
-
-		return this.old_open(method, url, async, username, password);
-	}
-
-	/** 
-	 * Wrapper to XHR send method
-	 * Add query paramter to XHR object
-	 *
-	 * @param: all parameters to XHR send method
-	 *
-	 * @return: object returned by default, XHR send method
-	 */
-	function new_send(data) {
-		if (this.method.toLowerCase() === 'post') {
-			if (data !== null && typeof data === 'object') {
-				data.append(CSRFP.CSRFP_TOKEN, CSRFP._getAuthKey());
-			} else {
-				if (typeof data != "undefined") {
-					data += "&";
-				} else {
-					data = "";
-				}
-				data += CSRFP.CSRFP_TOKEN +"=" +CSRFP._getAuthKey();
-			}
-		}
-		return this.old_send(data);
-	}
-
-	if (window.XMLHttpRequest) {
-		// Wrapping
-		XMLHttpRequest.prototype.old_send = XMLHttpRequest.prototype.send;
-		XMLHttpRequest.prototype.old_open = XMLHttpRequest.prototype.open;
-		XMLHttpRequest.prototype.open = new_open;
-		XMLHttpRequest.prototype.send = new_send;
-	}
-	if (typeof ActiveXObject !== 'undefined') {
-		ActiveXObject.prototype.old_send = ActiveXObject.prototype.send;
-		ActiveXObject.prototype.old_open = ActiveXObject.prototype.open;
-		ActiveXObject.prototype.open = new_open;
-		ActiveXObject.prototype.send = new_send;	
-	}
-	//==================================================================
-	// Rewrite existing urls ( Attach CSRF token )
-	// Rules:
-	// Rewrite those urls which matches the regex sent by Server
-	// Ignore cross origin urls & internal links (one with hashtags)
-	// Append the token to those url already containig GET query parameter(s)
-	// Add the token to those which does not contain GET query parameter(s)
-	//==================================================================
-
-	for (var i = 0; i < document.links.length; i++) {
-		document.links[i].addEventListener("mousedown", function(event) {
-			var href = event.target.href;
-			if(typeof href === "string")
-			{
-				var urlDisect = href.split('#');
-				var url = urlDisect[0];
-				var hash = urlDisect[1];
-
-				if(CSRFP._getDomain(url).indexOf(document.domain) === -1
-					|| CSRFP._isValidGetRequest(url)) {
-					//cross origin or not to be protected by rules -- ignore
-					return;
-				}
-
-				if (url.indexOf('?') !== -1) {
-					if(url.indexOf(CSRFP.CSRFP_TOKEN) === -1) {
-						url += "&" +CSRFP.CSRFP_TOKEN +"=" +CSRFP._getAuthKey();
-					} else {
-						url = url.replace(new RegExp(CSRFP.CSRFP_TOKEN +"=.*?(&|$)", 'g'),
-							CSRFP.CSRFP_TOKEN +"=" +CSRFP._getAuthKey() + "$1");
-					}
-				} else {
-					url += "?" +CSRFP.CSRFP_TOKEN +"=" +CSRFP._getAuthKey();
-				}
-
-				event.target.href = url;
-				if (typeof hash !== 'undefined') {
-					event.target.href += '#' +hash;
-				}
-			}
-		});
-	}
-
-}
-
-window.addEventListener("DOMContentLoaded", function() {
-	csrfprotector_init();
-}, false);
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/js/index.php b/data/web/inc/lib/vendor/owasp/csrf-protector-php/js/index.php
deleted file mode 100644
index 03e25a69..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/js/index.php
+++ /dev/null
@@ -1,7 +0,0 @@
-<?php
-/**
- * OWASP CSRF Protector Project
- * Code to redirect the user to previosus directory
- * In case a user try to access this directory directly
- */
-header('location: ../index.php');
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/README.md b/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/README.md
deleted file mode 100644
index 6562a9d9..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/README.md
+++ /dev/null
@@ -1,21 +0,0 @@
-CSRFProtector configuration
-==========================================
-
- - `CSRFP_TOKEN`: name of the csrf nonce, used for cookie or posting as argument. default: `csrfp_token` (if left blank)
- - `logDirectory`: location of the directory at which log files will be saved **relative** to `config.php` file. This is required for file based logging (default), Not needed, in case you override logging function to implement your logging logic. (View [Overriding logging function](https://github.com/mebjas/CSRF-Protector-PHP/wiki/Overriding-logging-function))
- <br>**Default value:** `../log/`
- - `failedAuthAction`: Action code (integer) for action to be taken in case of failed validation. Has two different values for bot `GET` and `POST`. Different action codes are specified as follows, (<br>**Default:** `0` for both `GET` & `POST`):
-*  `0` Send **403, Forbidden** Header
-*  `1` **Strip the POST/GET query** and forward the request! unset($_POST)
-*  `2` **Redirect to custom error page** mentioned in `errorRedirectionPage` 
-*  `3` **Show custom error message** to user, mentioned in `customErrorMessage` 
-*  `4` Send **500, Internal Server Error** header
-
- - `errorRedirectionPage`: **Absolute url** of the file to which user should be redirected. <br>**Default: null**
- - `customErrorMessage`: **Error Message** to be shown to user. Only this text will be shown!<br>**Default: null**
- - `jsPath`: location of the js file **relative** to `config.php`. <br>**Default:** `../js/csrfprotector.js`
- - `jsUrl`: **Absolute url** of the js file. (See [Setting up](https://github.com/mebjas/CSRF-Protector-PHP/wiki/Setting-up-CSRF-Protector-PHP-in-your-web-application) for more information)
- - `tokenLength`: length of csrfp token, Default `10`
- - `secureCookie`: sets the "secure" HTTPS flag on the cookie. <br>**Default: `false`**
- - `disabledJavascriptMessage`: messaged to be shown if js is disabled (string)
- - `verifyGetFor`: regex rules for those urls for which csrfp validation should be enabled for `GET` requests also. (View [verifyGetFor rules](https://github.com/mebjas/CSRF-Protector-PHP/wiki/verifyGetFor-rules) for more information)
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/config.php b/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/config.php
deleted file mode 100755
index 3b9254e7..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/config.php
+++ /dev/null
@@ -1,47 +0,0 @@
-<?php
-/**
- * Configuration file for CSRF Protector
- * Necessary configurations are (library would throw exception otherwise)
- * ---- logDirectory
- * ---- failedAuthAction
- * ---- jsPath
- * ---- jsUrl
- * ---- tokenLength
- */
-
-function get_trusted_hostname() {
-  $js_path = "/inc/lib/vendor/owasp/csrf-protector-php/js/csrfprotector.js";
-  if ((isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == "https") || isset($_SERVER['HTTPS'])) {
-    $is_scheme = "https://";
-  }
-  else {
-    $is_scheme = "http://";
-  }
-  if (isset(explode(':', $_SERVER['HTTP_HOST'])[1])) {
-    $is_port = intval(explode(':', $_SERVER['HTTP_HOST'])[1]);
-    if (filter_var($is_port, FILTER_VALIDATE_INT, array("options" => array("min_range" =>1, "max_range" => 65535))) === false) {
-      return false;
-    }
-  }
-  if (!isset($is_port) || $is_port == 0) {
-    $is_port = ($is_scheme == "https://") ? 443 : 80;
-  }
-  return $is_scheme . $GLOBALS['mailcow_hostname'] . ':' . $is_port . $js_path;
-}
-
-return array(
-	"CSRFP_TOKEN" => "MAILCOW_CSRF",
-	"logDirectory" => "../log",
-	"failedAuthAction" => array(
-		"GET" => 1,
-		"POST" => 1),
-	"errorRedirectionPage" => "",
-	"customErrorMessage" => "",
-	"jsPath" => "../js/csrfprotector.js",
-  // Fetching IS_HTTPS from sessions handler
-	"jsUrl" => "/inc/lib/vendor/owasp/csrf-protector-php/js/csrfprotector.js",
-	"tokenLength" => 10,
-	"secureCookie" => false,
-	"disabledJavascriptMessage" => "",
-	 "verifyGetFor" => array()
-);
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/README.md b/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/README.md
deleted file mode 100644
index 286bcbad..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/README.md
+++ /dev/null
@@ -1,6 +0,0 @@
-Placeholder for **CSRF Protector - php library**
-=====================================================
-
-**Dependency:** `None`<br>
-**Configuration-File:** `../config.php`<br>
-**Configuration-Format:** `PHP ARRAY`<br>
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/csrfprotector.php b/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/csrfprotector.php
deleted file mode 100755
index c09a5b03..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/csrfprotector.php
+++ /dev/null
@@ -1,536 +0,0 @@
-<?php
-
-if (!defined('__CSRF_PROTECTOR__')) {
-	define('__CSRF_PROTECTOR__', true); 	// to avoid multiple declaration errors
-
-	// name of HTTP POST variable for authentication
-	define("CSRFP_TOKEN","csrfp_token");
-
-	// We insert token name and list of url patterns for which
-	// GET requests are validated against CSRF as hidden input fields
-	// these are the names of the input fields
-	define("CSRFP_FIELD_TOKEN_NAME", "csrfp_hidden_data_token");
-	define("CSRFP_FIELD_URLS", "csrfp_hidden_data_urls");
-
-	/**
-	 * child exception classes
-	 */
-	class configFileNotFoundException extends \exception {};
-	class logDirectoryNotFoundException extends \exception {};
-	class jsFileNotFoundException extends \exception {};
-	class logFileWriteError extends \exception {};
-	class baseJSFileNotFoundExceptio extends \exception {};
-	class incompleteConfigurationException extends \exception {};
-	class alreadyInitializedException extends \exception {};
-
-	class csrfProtector
-	{
-		/*
-		 * Variable: $cookieExpiryTime
-		 * expiry time for cookie
-		 * @var int
-		 */
-		public static $cookieExpiryTime = 1800;	//30 minutes
-
-		/*
-		 * Variable: $isSameOrigin
-		 * flag for cross origin/same origin request
-		 * @var bool
-		 */
-		private static $isSameOrigin = true;
-
-		/*
-		 * Variable: $isValidHTML
-		 * flag to check if output file is a valid HTML or not
-		 * @var bool
-		 */
-		private static $isValidHTML = false;
-
-		/*
-		 * Variable: $requestType
-		 * Varaible to store weather request type is post or get
-		 * @var string
-		 */
-		protected static $requestType = "GET";
-
-		/*
-		 * Variable: $config
-		 * config file for CSRFProtector
-		 * @var int Array, length = 6
-		 * Property: #1: failedAuthAction (int) => action to be taken in case autherisation fails
-		 * Property: #2: logDirectory (string) => directory in which log will be saved
-		 * Property: #3: customErrorMessage (string) => custom error message to be sent in case
-		 *						of failed authentication
-		 * Property: #4: jsFile (string) => location of the CSRFProtector js file
-		 * Property: #5: tokenLength (int) => default length of hash
-		 * Property: #6: disabledJavascriptMessage (string) => error message if client's js is disabled
-		 */
-		public static $config = array();
-
-		/*
-		 * Variable: $requiredConfigurations
-		 * Contains list of those parameters that are required to be there
-		 * 	in config file for csrfp to work
-		 */
-		public static $requiredConfigurations  = array('logDirectory', 'failedAuthAction', 'jsPath', 'jsUrl', 'tokenLength');
-		
-		/*
-		 *	Function: init
-	 	 *
-		 *	function to initialise the csrfProtector work flow
-		 *
-		 *	Parameters:
-		 *	$length - length of CSRF_AUTH_TOKEN to be generated
-		 *	$action - int array, for different actions to be taken in case of failed validation
-		 *
-		 *	Returns:
-		 *		void
-		 *
-		 *	Throws:
-		 *		configFileNotFoundException - when configuration file is not found
-		 * 		incompleteConfigurationException - when all required fields in config
-		 *											file are not available
-		 *
-		 */
-		public static function init($length = null, $action = null)
-		{
-			/*
-			 * Check if init has already been called.
-			 */
-			 if (count(self::$config) > 0) {
-				 throw new alreadyInitializedException("OWASP CSRFProtector: library was already initialized.");
-			 }
-
-			/*
-			 * if mod_csrfp already enabled, no verification, no filtering
-			 * Already done by mod_csrfp
-			 */
-			if (getenv('mod_csrfp_enabled'))
-				return;
-
-			//start session in case its not
-			if (session_id() == '')
-			    session_start();
-
-			/*
-			 * load configuration file and properties
-			 * Check locally for a config.php then check for 
-			 * a config/csrf_config.php file in the root folder
-			 * for composer installations
-			 */
-			$standard_config_location = __DIR__ ."/../config.php";
-			$composer_config_location = __DIR__ ."/../../../../../config/csrf_config.php";
-
-			if (file_exists($standard_config_location)) {
-				self::$config = include($standard_config_location);
-			} elseif(file_exists($composer_config_location)) {
-				self::$config = include($composer_config_location);
-			} else {
-				throw new configFileNotFoundException("OWASP CSRFProtector: configuration file not found for CSRFProtector!");
-			}
-
-			//overriding length property if passed in parameters
-			if ($length != null)
-				self::$config['tokenLength'] = intval($length);
-			
-			//action that is needed to be taken in case of failed authorisation
-			if ($action != null)
-				self::$config['failedAuthAction'] = $action;
-
-			if (self::$config['CSRFP_TOKEN'] == '')
-				self::$config['CSRFP_TOKEN'] = CSRFP_TOKEN;
-
-			// Validate the config if everythings filled out
-			// TODO: collect all missing values and throw exception together
-			foreach (self::$requiredConfigurations as $value) {
-				if (!isset(self::$config[$value]) || self::$config[$value] == '') {
-					throw new incompleteConfigurationException(
-						sprintf(
-							"OWASP CSRFProtector: Incomplete configuration file, Value: %s missing ",
-							$value
-						)
-					);
-					exit;
-				}
-			}
-
-			// Authorise the incoming request
-			self::authorizePost();
-
-			// Initialize output buffering handler
-			if (!defined('__TESTING_CSRFP__'))
-				ob_start('csrfProtector::ob_handler');
-
-			if (!isset($_COOKIE[self::$config['CSRFP_TOKEN']])
-				|| !isset($_SESSION[self::$config['CSRFP_TOKEN']])
-				|| !is_array($_SESSION[self::$config['CSRFP_TOKEN']])
-				|| !in_array($_COOKIE[self::$config['CSRFP_TOKEN']],
-					$_SESSION[self::$config['CSRFP_TOKEN']]))
-				self::refreshToken();
-
-			// Set protected by CSRF Protector header
-			header('X-CSRF-Protection: OWASP CSRFP 1.0.0');
-		}
-
-		/*
-		 * Function: authorizePost
-		 * function to authorise incoming post requests
-		 *
-		 * Parameters: 
-		 * void
-		 *
-		 * Returns: 
-		 * void
-		 *
-		 * Throws: 
-		 * logDirectoryNotFoundException - if log directory is not found
-		 */
-		public static function authorizePost()
-		{
-			//#todo this method is valid for same origin request only, 
-			//enable it for cross origin also sometime
-			//for cross origin the functionality is different
-			if ($_SERVER['REQUEST_METHOD'] === 'POST') {
-
-				//set request type to POST
-				self::$requestType = "POST";
-
-				//currently for same origin only
-				if (!(isset($_POST[self::$config['CSRFP_TOKEN']]) 
-					&& isset($_SESSION[self::$config['CSRFP_TOKEN']])
-					&& (self::isValidToken($_POST[self::$config['CSRFP_TOKEN']]))
-					)) {
-
-					//action in case of failed validation
-					self::failedValidationAction();			
-				} else {
-					self::refreshToken();	//refresh token for successfull validation
-				}
-			} else if (!static::isURLallowed()) {
-				
-				//currently for same origin only
-				if (!(isset($_GET[self::$config['CSRFP_TOKEN']]) 
-					&& isset($_SESSION[self::$config['CSRFP_TOKEN']])
-					&& (self::isValidToken($_GET[self::$config['CSRFP_TOKEN']]))
-					)) {
-
-					//action in case of failed validation
-					self::failedValidationAction();			
-				} else {
-					self::refreshToken();	//refresh token for successfull validation
-				}
-			}	
-		}
-
-		/*
-		 * Function: isValidToken
-		 * function to check the validity of token in session array
-		 * Function also clears all tokens older than latest one
-		 *
-		 * Parameters: 
-		 * $token - the token sent with GET or POST payload
-		 *
-		 * Returns: 
-		 * bool - true if its valid else false
-		 */
-		private static function isValidToken($token) {
-			if (!isset($_SESSION[self::$config['CSRFP_TOKEN']])) return false;
-			if (!is_array($_SESSION[self::$config['CSRFP_TOKEN']])) return false;
-			foreach ($_SESSION[self::$config['CSRFP_TOKEN']] as $key => $value) {
-				if ($value == $token) {
-
-					// Clear all older tokens assuming they have been consumed
-					foreach ($_SESSION[self::$config['CSRFP_TOKEN']] as $_key => $_value) {
-						if ($_value == $token) break;
-						array_shift($_SESSION[self::$config['CSRFP_TOKEN']]);
-					}
-					return true;
-				}
-			}
-
-			return false;
-		}
-
-		/*
-		 * Function: failedValidationAction
-		 * function to be called in case of failed validation
-		 * performs logging and take appropriate action
-		 *
-		 * Parameters: 
-		 * void
-		 *
-		 * Returns: 
-		 * void
-		 */
-		private static function failedValidationAction()
-		{
-			if (!file_exists(__DIR__ ."/../" .self::$config['logDirectory']))
-				throw new logDirectoryNotFoundException("OWASP CSRFProtector: Log Directory Not Found!");
-		
-			//call the logging function
-			static::logCSRFattack();
-
-			//#todo: ask mentors if $failedAuthAction is better as an int or string
-			//default case is case 0
-			switch (self::$config['failedAuthAction'][self::$requestType]) {
-				case 0:
-					//send 403 header
-					header('HTTP/1.0 403 Forbidden');
-					exit("<h2>403 Access Forbidden by CSRFProtector!</h2>");
-					break;
-				case 1:
-					//unset the query parameters and forward
-					if (self::$requestType === 'GET') {
-						$_GET = array();
-					} else {
-						$_POST = array();
-					}
-					break;
-				case 2:
-					//redirect to custom error page
-					$location  = self::$config['errorRedirectionPage'];
-					header("location: $location");
-				case 3:
-					//send custom error message
-					exit(self::$config['customErrorMessage']);
-					break;
-				case 4:
-					//send 500 header -- internal server error
-					header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error', true, 500);
-					exit("<h2>500 Internal Server Error!</h2>");
-					break;
-				default:
-					//unset the query parameters and forward
-					if (self::$requestType === 'GET') {
-						$_GET = array();
-					} else {
-						$_POST = array();
-					}
-					break;
-			}		
-		}
-
-		/*
-		 * Function: refreshToken
-		 * Function to set auth cookie
-		 *
-		 * Parameters: 
-		 * void
-		 *
-		 * Returns: 
-		 * void
-		 */
-		public static function refreshToken()
-		{
-			$token = self::generateAuthToken();
-
-			if (!isset($_SESSION[self::$config['CSRFP_TOKEN']])
-				|| !is_array($_SESSION[self::$config['CSRFP_TOKEN']]))
-				$_SESSION[self::$config['CSRFP_TOKEN']] = array();
-
-			//set token to session for server side validation
-			array_push($_SESSION[self::$config['CSRFP_TOKEN']], $token);
-
-			//set token to cookie for client side processing
-			setcookie(self::$config['CSRFP_TOKEN'], 
-				$token, 
-				time() + self::$cookieExpiryTime,
-				'',
-				'',
-				(array_key_exists('secureCookie', self::$config) ? (bool)self::$config['secureCookie'] : false));
-		}
-
-		/*
-		 * Function: generateAuthToken
-		 * function to generate random hash of length as given in parameter
-		 * max length = 128
-		 *
-		 * Parameters: 
-		 * length to hash required, int
-		 *
-		 * Returns:
-		 * string, token
-		 */
-		public static function generateAuthToken()
-		{
-			// todo - make this a member method / configurable
-			$randLength = 64;
-			
-			//if config tokenLength value is 0 or some non int
-			if (intval(self::$config['tokenLength']) == 0) {
-				self::$config['tokenLength'] = 32;	//set as default
-			}
-
-			//#todo - if $length > 128 throw exception 
-
-			if (function_exists("random_bytes")) {
-				$token = bin2hex(random_bytes($randLength));
-			} elseif (function_exists("openssl_random_pseudo_bytes")) {
-				$token = bin2hex(openssl_random_pseudo_bytes($randLength));
-			} else {
-				$token = '';
-				for ($i = 0; $i < 128; ++$i) {
-					$r = mt_rand (0, 35);
-					if ($r < 26) {
-						$c = chr(ord('a') + $r);
-					} else { 
-						$c = chr(ord('0') + $r - 26);
-					}
-					$token .= $c;
-				}
-			}
-			return substr($token, 0, self::$config['tokenLength']);
-		}
-
-		/*
-		 * Function: ob_handler
-		 * Rewrites <form> on the fly to add CSRF tokens to them. This can also
-		 * inject our JavaScript library.
-		 *
-		 * Parameters: 
-		 * $buffer - output buffer to which all output are stored
-		 * $flag - INT
-		 *
-		 * Return:
-		 * string, complete output buffer
-		 */
-		public static function ob_handler($buffer, $flags)
-		{
-			// Even though the user told us to rewrite, we should do a quick heuristic
-		    // to check if the page is *actually* HTML. We don't begin rewriting until
-		    // we hit the first <html tag.
-		    if (!self::$isValidHTML) {
-		        // not HTML until proven otherwise
-		        if (stripos($buffer, '<html') !== false) {
-		            self::$isValidHTML = true; 
-		        } else {
-		            return $buffer;
-		        }
-		    }
-		    
-		    // TODO: statically rewrite all forms as well so that if a form is submitted
-		    // before the js has worked on, it will still have token to send
-		    // @priority: medium @labels: important @assign: mebjas
-		    // @deadline: 1 week
-
-		    //add a <noscript> message to outgoing HTML output,
-		    //informing the user to enable js for CSRFProtector to work
-		    //best section to add, after <body> tag
-		    $buffer = preg_replace("/<body[^>]*>/", "$0 <noscript>" .self::$config['disabledJavascriptMessage'] .
-		    	"</noscript>", $buffer);
-
-		    $hiddenInput = '<input type="hidden" id="' . CSRFP_FIELD_TOKEN_NAME.'" value="' 
-		    				.self::$config['CSRFP_TOKEN'] .'">' .PHP_EOL;
-
-		    $hiddenInput .= '<input type="hidden" id="' .CSRFP_FIELD_URLS .'" value=\''
-		    				.json_encode(self::$config['verifyGetFor']) .'\'>';
-
-		    //implant hidden fields with check url information for reading in javascript
-	        $buffer = str_ireplace('</body>', $hiddenInput . '</body>', $buffer);
-
-		    //implant the CSRFGuard js file to outgoing script
-		    $script = '<script type="text/javascript" src="' . self::$config['jsUrl'] . '"></script>' . PHP_EOL;
-		    $buffer = str_ireplace('</body>', $script . '</body>', $buffer, $count);
-
-		    if (!$count)
-		        $buffer .= $script;
-
-		    return $buffer;
-		}
-
-		/*
-		 * Function: logCSRFattack
-		 * Function to log CSRF Attack
-		 * 
-		 * Parameters: 
-		 * void
-		 *
-		 * Retruns: 
-		 * void
-		 *
-		 * Throws: 
-		 * logFileWriteError - if unable to log an attack
-		 */
-		protected static function logCSRFattack()
-		{
-			//if file doesnot exist for, create it
-			$logFile = fopen(__DIR__ ."/../" .self::$config['logDirectory']
-			."/" .date("m-20y") .".log", "a+");
-			
-			//throw exception if above fopen fails
-			if (!$logFile)
-				throw new logFileWriteError("OWASP CSRFProtector: Unable to write to the log file");	
-
-			//miniature version of the log
-			$log = array();
-			$log['timestamp'] = time();
-			$log['HOST'] = $_SERVER['HTTP_HOST'];
-			$log['REQUEST_URI'] = $_SERVER['REQUEST_URI'];
-			$log['requestType'] = self::$requestType;
-
-			if (self::$requestType === "GET")
-				$log['query'] = $_GET;
-			else
-				$log['query'] = $_POST;
-
-			$log['cookie'] = $_COOKIE;
-
-			//convert log array to JSON format to be logged
-			$log = json_encode($log) .PHP_EOL;
-
-			//append log to the file
-			fwrite($logFile, $log);
-
-			//close the file handler
-			fclose($logFile);
-		}
-
-		/*
-		 * Function: getCurrentUrl
-		 * Function to return current url of executing page
-		 * 
-		 * Parameters: 
-		 * void
-		 *
-		 * Returns: 
-		 * string - current url
-		 */
-		private static function getCurrentUrl()
-		{
-			$request_scheme = 'https';
-
-			if (isset($_SERVER['REQUEST_SCHEME'])) {
-				$request_scheme = $_SERVER['REQUEST_SCHEME'];
-			} else {
-				if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') {
-					$request_scheme = 'https';
-				} else {
-					$request_scheme = 'http';
-				}
-			}
-
-			return $request_scheme . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
-		}
-
-		/*
-		 * Function: isURLallowed
-		 * Function to check if a url mataches for any urls
-		 * Listed in config file
-		 *
-		 * Parameters: 
-		 * void
-		 *
-		 * Returns: 
-		 * boolean - true is url need no validation, false if validation needed
-		 */  
-		public static function isURLallowed() {
-			foreach (self::$config['verifyGetFor'] as $key => $value) {
-				$value = str_replace(array('/','*'), array('\/','(.*)'), $value);
-				preg_match('/' .$value .'/', self::getCurrentUrl(), $output);
-				if (count($output) > 0)
-					return false;
-			}
-			return true;
-		}
-	};
-}
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/index.php b/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/index.php
deleted file mode 100644
index 03e25a69..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/csrf/index.php
+++ /dev/null
@@ -1,7 +0,0 @@
-<?php
-/**
- * OWASP CSRF Protector Project
- * Code to redirect the user to previosus directory
- * In case a user try to access this directory directly
- */
-header('location: ../index.php');
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/index.php b/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/index.php
deleted file mode 100644
index 03e25a69..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/libs/index.php
+++ /dev/null
@@ -1,7 +0,0 @@
-<?php
-/**
- * OWASP CSRF Protector Project
- * Code to redirect the user to previosus directory
- * In case a user try to access this directory directly
- */
-header('location: ../index.php');
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/licence.md b/data/web/inc/lib/vendor/owasp/csrf-protector-php/licence.md
deleted file mode 100644
index eba85e5b..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/licence.md
+++ /dev/null
@@ -1,13 +0,0 @@
-Copyright 2014 OWASP Foundation
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/log/.htaccess b/data/web/inc/lib/vendor/owasp/csrf-protector-php/log/.htaccess
deleted file mode 100644
index 3418e55a..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/log/.htaccess
+++ /dev/null
@@ -1 +0,0 @@
-deny from all
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/log/index.php b/data/web/inc/lib/vendor/owasp/csrf-protector-php/log/index.php
deleted file mode 100644
index 03e25a69..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/log/index.php
+++ /dev/null
@@ -1,7 +0,0 @@
-<?php
-/**
- * OWASP CSRF Protector Project
- * Code to redirect the user to previosus directory
- * In case a user try to access this directory directly
- */
-header('location: ../index.php');
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/phpunit.xml.dist b/data/web/inc/lib/vendor/owasp/csrf-protector-php/phpunit.xml.dist
deleted file mode 100644
index 34814a25..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/phpunit.xml.dist
+++ /dev/null
@@ -1,15 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<phpunit verbose="true">
-    <php>
-        <ini name="memory_limit" value="1024M" />
-        <ini name="error_reporting" value="E_ALL"/>
-    </php>
-    <testsuite name="OWASP CSRF Protector php">
-        <directory>./test/csrfprotector_test.php</directory>
-    </testsuite>
-    <filter>
-        <whitelist processUncoveredFilesFromWhitelist="true">
-        <file>libs/csrf/csrfprotector.php</file>
-        </whitelist>
-    </filter>
-</phpunit>
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/readme.md b/data/web/inc/lib/vendor/owasp/csrf-protector-php/readme.md
deleted file mode 100644
index fa427811..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/readme.md
+++ /dev/null
@@ -1,65 +0,0 @@
-CSRF Protector
-==========================
-[![Todo Status](http://todofy.org/b/mebjas/CSRF-Protector-PHP)](http://todofy.org/r/mebjas/CSRF-Protector-PHP) [![Build Status](https://travis-ci.org/mebjas/CSRF-Protector-PHP.svg?branch=master)](https://travis-ci.org/mebjas/CSRF-Protector-PHP)  [![codecov](https://codecov.io/gh/mebjas/CSRF-Protector-PHP/branch/master/graph/badge.svg)](https://codecov.io/gh/mebjas/CSRF-Protector-PHP)
-<br>CSRF protector php, a standalone php library for csrf mitigation in web applications. Easy to integrate in any php web app. 
-
-Add to your project using packagist
-==========
- Add a `composer.json` file to your project directory
- ```json
- {
-    "require": {
-        "owasp/csrf-protector-php": "dev-master"
-    }
-}
-```
-Then open terminal (or command prompt), move to project directory and run
-```shell
-composer install
-```
-OR
-```
-php composer.phar install
-```
-This will add CSRFP (library will be downloaded at ./vendor/owasp/csrf-protector-php) to your project directory. View [packagist.org](https://packagist.org/) for more help with composer!
-
-Configuration
-==========
-For composer installations: Copy the config.sample.php file into your root folder at config/csrf_config.php
-For non-composer installations: Copy the libs/csrf/config.sample.php file into libs/csrc/config.php
-Edit config accordingly. See Detailed Information link below.
-
-How to use
-==========
-```php
-<?php
-include_once __DIR__ .'/vendor/owasp/csrf-protector-php/libs/csrf/csrfprotector.php';
-
-//Initialise CSRFGuard library
-csrfProtector::init();
-```
-simply include the library and call the `init()` function!
-
-### Detailed information @[Project wiki on github](https://github.com/mebjas/CSRF-Protector-PHP/wiki)
-
-### More information @[OWASP wiki](https://www.owasp.org/index.php/CSRFProtector_Project)
-
-### Contribute
-
-* Fork the repo
-* Create your branch
-* Commit your changes
-* Create a pull request
-
-### Note
-This version (`master`) requires the clients to have Javascript enabled. However if your application can work without javascript & you require a nojs version of this library, check our [nojs version](https://github.com/mebjas/CSRF-Protector-PHP/tree/nojs-support)
-
-## Discussion
-Join Discussions on the [mailing list](https://lists.owasp.org/mailman/listinfo/owasp-csrfprotector)
-
-For any other queries contact me at: **minhaz@owasp.org**
-
-### FAQ:
-1. What happens if token expires? - https://github.com/mebjas/CSRF-Protector-PHP/wiki/what-if-token-expires
-2. Secure flag in cookie? - https://github.com/mebjas/CSRF-Protector-PHP/issues/54
-3. NoJS support? - https://github.com/mebjas/CSRF-Protector-PHP/tree/nojs-support
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/test/config.test.php b/data/web/inc/lib/vendor/owasp/csrf-protector-php/test/config.test.php
deleted file mode 100644
index 14bc1828..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/test/config.test.php
+++ /dev/null
@@ -1,27 +0,0 @@
-<?php
-/**
- * Configuration file for CSRF Protector
- * Necessary configurations are (library would throw exception otherwise)
- * ---- logDirectory
- * ---- failedAuthAction
- * ---- jsPath
- * ---- jsUrl
- * ---- tokenLength
- */
-return array(
-	"CSRFP_TOKEN" => "csrfp_token",
-	"logDirectory" => "../log",
-	"failedAuthAction" => array(
-		"GET" => 0,
-		"POST" => 0),
-	"errorRedirectionPage" => "",
-	"customErrorMessage" => "",
-	"jsPath" => "../js/csrfprotector.js",
-	"jsUrl" => "http://localhost/csrfp/js/csrfprotector.js",
-	"tokenLength" => 10,
-	"secureCookie" => false,
-	"disabledJavascriptMessage" => "This site attempts to protect users against <a href=\"https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29\">
-	Cross-Site Request Forgeries </a> attacks. In order to do so, you must have JavaScript enabled in your web browser otherwise this site will fail to work correctly for you.
-	 See details of your web browser for how to enable JavaScript.",
-	 "verifyGetFor" => array()
-);
\ No newline at end of file
diff --git a/data/web/inc/lib/vendor/owasp/csrf-protector-php/test/csrfprotector_test.php b/data/web/inc/lib/vendor/owasp/csrf-protector-php/test/csrfprotector_test.php
deleted file mode 100644
index ca5404e5..00000000
--- a/data/web/inc/lib/vendor/owasp/csrf-protector-php/test/csrfprotector_test.php
+++ /dev/null
@@ -1,534 +0,0 @@
-<?php
-date_default_timezone_set('UTC');
-require_once __DIR__ .'/../libs/csrf/csrfprotector.php';
-
-if (intval(phpversion('tidy')) >= 7 && !class_exists('\PHPUnit_Framework_TestCase', true)) {
-    class_alias('\PHPUnit\Framework\TestCase', '\PHPUnit_Framework_TestCase');
-}
-
-/**
- * Wrapper class for testing purpose
- */
-class csrfp_wrapper extends csrfprotector
-{
-    /**
-     * Function to provide wrapper methode to set the protected var, requestType
-     */
-    public static function changeRequestType($type)
-    {
-        self::$requestType = $type;
-    }
-
-    /**
-     * Function to check for a string value anywhere within HTTP response headers
-     * Returns true on first match of $needle in header names or values
-     */
-    public static function checkHeader($needle)
-    {
-        $haystack = xdebug_get_headers();
-        foreach ($haystack as $key => $value) {
-            if (strpos($value, $needle) !== false)
-                return true;
-        }
-        return false;
-    }
-
-    /**
-     * Function to return the string value of the last response header
-     * identified by name $needle
-     */
-    public static function getHeaderValue($needle)
-    {
-        $haystack = xdebug_get_headers();
-        foreach ($haystack as $key => $value) {
-            if (strpos($value, $needle) === 0) {
-                // Deliberately overwrite to accept the last rather than first match
-                // as xdebug_get_headers() will accumulate all set headers
-                list(,$hvalue) = explode(':', $value, 2);
-            }
-        }
-        return $hvalue;
-    } 
-}
-
-/**
- * helper methods
- */
-class Helper {
-    /**
-     * Function to recusively delete a dir
-     */
-    public static function delTree($dir) { 
-        $files = array_diff(scandir($dir), array('.','..')); 
-        foreach ($files as $file) { 
-            (is_dir("$dir/$file")) ? delTree("$dir/$file") : unlink("$dir/$file"); 
-        } 
-        return rmdir($dir); 
-    }
-}
-
-
-/**
- * main test class
- */
-class csrfp_test extends PHPUnit_Framework_TestCase
-{
-    /**
-     * @var to hold current configurations
-     */
-    protected $config = array();
-
-    /**
-     * @var log directory for testing
-     */
-    private $logDir;
-
-    /**
-     * Function to be run before every test*() functions.
-     */
-    public function setUp()
-    {
-        $this->logDir = __DIR__ .'/logs';
-
-        csrfprotector::$config['jsPath'] = '../js/csrfprotector.js';
-        csrfprotector::$config['CSRFP_TOKEN'] = 'csrfp_token';
-        csrfprotector::$config['secureCookie'] = false;
-        csrfprotector::$config['logDirectory'] = '../test/logs';
-
-        $_SERVER['REQUEST_URI'] = 'temp';       // For logging
-        $_SERVER['REQUEST_SCHEME'] = 'http';    // For authorizePost
-        $_SERVER['HTTP_HOST'] = 'test';         // For isUrlAllowed
-        $_SERVER['PHP_SELF'] = '/index.php';     // For authorizePost
-        $_POST[csrfprotector::$config['CSRFP_TOKEN']]
-          = $_GET[csrfprotector::$config['CSRFP_TOKEN']] = '123';
-
-        //token mismatch - leading to failed validation
-        $_SESSION[csrfprotector::$config['CSRFP_TOKEN']] = array('abc');
-        $_SERVER['SERVER_PROTOCOL'] = 'HTTP/1.1';
-        $_SERVER['HTTPS'] = null;
-
-        $this->config = include(__DIR__ .'/config.test.php');
-
-        // Create an instance of config file -- for testing
-        $data = file_get_contents(__DIR__ .'/config.test.php');
-        file_put_contents(__DIR__ .'/../libs/config.php', $data);
-
-        if (!defined('__TESTING_CSRFP__')) define('__TESTING_CSRFP__', true);
-    }
-
-    /**
-     * tearDown()
-     */
-    public function tearDown()
-    {
-        unlink(__DIR__ .'/../libs/config.php');
-        if (is_dir(__DIR__ .'/logs'))
-            Helper::delTree(__DIR__ .'/logs');
-    }
-
-    /**
-     * Function to check refreshToken() functionality
-     */
-    public function testRefreshToken()
-    {
-        $val = $_COOKIE[csrfprotector::$config['CSRFP_TOKEN']] = '123abcd';
-        $_SESSION[csrfprotector::$config['CSRFP_TOKEN']] = array('123abcd');
-        csrfProtector::$config['tokenLength'] = 20;
-        csrfProtector::refreshToken();
-
-        $this->assertTrue(strcmp($val, $_SESSION[csrfprotector::$config['CSRFP_TOKEN']][1]) != 0);
-
-        $this->assertTrue(csrfP_wrapper::checkHeader('Set-Cookie'));
-        $this->assertTrue(csrfP_wrapper::checkHeader('csrfp_token'));
-        $this->assertTrue(csrfp_wrapper::checkHeader($_SESSION[csrfprotector::$config['CSRFP_TOKEN']][1]));
-    }
-
-    /**
-     * test secure flag is set in the token cookie when requested
-     */
-    public function testSecureCookie()
-    {
-        $_SERVER['REQUEST_METHOD'] = 'POST';
-        $_SESSION[csrfprotector::$config['CSRFP_TOKEN']] = array('123abcd');
-
-        csrfprotector::$config['secureCookie'] = false;
-        csrfprotector::refreshToken();
-        $this->assertNotRegExp('/; secure/', csrfp_wrapper::getHeaderValue('Set-Cookie'));
-
-        csrfprotector::$config['secureCookie'] = true;
-        csrfprotector::refreshToken();
-        $this->assertRegExp('/; secure/', csrfp_wrapper::getHeaderValue('Set-Cookie'));
-    }
-
-    /**
-     * test authorise post -> log directory exception
-     */
-    public function testAuthorisePost_logdirException()
-    {
-        $_SERVER['REQUEST_METHOD'] = 'POST';
-        csrfprotector::$config['logDirectory'] = 'unknown_location';
-
-        try {
-            csrfprotector::authorizePost();
-        } catch (logDirectoryNotFoundException $ex) {
-            $this->assertTrue(true);
-            return;;
-        }
-        $this->fail('logDirectoryNotFoundException has not been raised.');
-    }
-
-    /**
-     * test authorise post -> action = 403, forbidden
-     */
-    public function testAuthorisePost_failedAction_1()
-    {
-        $_SERVER['REQUEST_METHOD'] = 'POST';
-        csrfprotector::$config['verifyGetFor'] = array('http://test/index*');
-        csrfprotector::$config['logDirectory'] = '../log';
-        csrfprotector::$config['failedAuthAction']['POST'] = 0;
-        csrfprotector::$config['failedAuthAction']['GET'] = 0;
-
-        //csrfprotector::authorizePost();
-        $this->markTestSkipped('Cannot add tests as code exit here');
-
-        $_SERVER['REQUEST_METHOD'] = 'GET';
-        csrfp_wrapper::changeRequestType('GET');
-        //csrfprotector::authorizePost();
-
-        $this->markTestSkipped('Cannot add tests as code exit here');
-    }
-
-    /**
-     * test authorise post -> strip $_GET, $_POST
-     */
-    public function testAuthorisePost_failedAction_2()
-    {
-        $_SERVER['REQUEST_METHOD'] = 'POST';
-
-        csrfprotector::$config['logDirectory'] = '../log';
-        csrfprotector::$config['verifyGetFor'] = array('http://test/index*');
-        csrfprotector::$config['failedAuthAction']['POST'] = 1;
-        csrfprotector::$config['failedAuthAction']['GET'] = 1;
-
-        $_POST = array('param1' => 1, 'param2' => 2);
-        csrfprotector::authorizePost();
-        $this->assertEmpty($_POST);
-
-        $_SERVER['REQUEST_METHOD'] = 'GET';
-        csrfp_wrapper::changeRequestType('GET');
-        $_GET = array('param1' => 1, 'param2' => 2);
-
-        csrfprotector::authorizePost();
-        $this->assertEmpty($_GET);
-    }
-
-    /**
-     * test authorise post -> redirect
-     */
-    public function testAuthorisePost_failedAction_3()
-    {
-        $_SERVER['REQUEST_METHOD'] = 'POST';
-
-        csrfprotector::$config['logDirectory'] = '../log';
-        csrfprotector::$config['verifyGetFor'] = array('http://test/index*');
-        csrfprotector::$config['errorRedirectionPage'] = 'http://test';
-        csrfprotector::$config['failedAuthAction']['POST'] = 2;
-        csrfprotector::$config['failedAuthAction']['GET'] = 2;
-
-        //csrfprotector::authorizePost();
-        $this->markTestSkipped('Cannot add tests as code exit here');
-
-        $_SERVER['REQUEST_METHOD'] = 'GET';
-        csrfp_wrapper::changeRequestType('GET');
-        //csrfprotector::authorizePost();
-        $this->markTestSkipped('Cannot add tests as code exit here');
-    }
-
-    /**
-     * test authorise post -> error message & exit
-     */
-    public function testAuthorisePost_failedAction_4()
-    {
-        $_SERVER['REQUEST_METHOD'] = 'POST';
-
-        csrfprotector::$config['logDirectory'] = '../log';
-        csrfprotector::$config['verifyGetFor'] = array('http://test/index*');
-        csrfprotector::$config['customErrorMessage'] = 'custom error message';
-        csrfprotector::$config['failedAuthAction']['POST'] = 3;
-        csrfprotector::$config['failedAuthAction']['POST'] = 3;
-
-        //csrfprotector::authorizePost();
-        $this->markTestSkipped('Cannot add tests as code exit here');
-
-        $_SERVER['REQUEST_METHOD'] = 'GET';
-        csrfp_wrapper::changeRequestType('GET');
-        //csrfprotector::authorizePost();
-        $this->markTestSkipped('Cannot add tests as code exit here');
-    }
-
-    /**
-     * test authorise post -> 500 internal server error
-     */
-    public function testAuthorisePost_failedAction_5()
-    {
-        $_SERVER['REQUEST_METHOD'] = 'POST';
-
-        csrfprotector::$config['logDirectory'] = '../log';
-        csrfprotector::$config['verifyGetFor'] = array('http://test/index*');
-        csrfprotector::$config['failedAuthAction']['POST'] = 4;
-        csrfprotector::$config['failedAuthAction']['GET'] = 4;
-
-        //csrfprotector::authorizePost();
-        //$this->markTestSkipped('Cannot add tests as code exit here');
-
-        $_SERVER['REQUEST_METHOD'] = 'GET';
-        csrfp_wrapper::changeRequestType('GET');
-        //csrfprotector::authorizePost();
-        //csrfp_wrapper::checkHeader('500');
-        //$this->markTestSkipped('Cannot add tests as code exit here');
-    }
-
-    /**
-     * test authorise post -> default action: strip $_GET, $_POST
-     */
-    public function testAuthorisePost_failedAction_6()
-    {
-        $_SERVER['REQUEST_METHOD'] = 'POST';
-
-        csrfprotector::$config['logDirectory'] = '../log';
-        csrfprotector::$config['verifyGetFor'] = array('http://test/index*');
-        csrfprotector::$config['failedAuthAction']['POST'] = 10;
-        csrfprotector::$config['failedAuthAction']['GET'] = 10;
-
-        $_POST = array('param1' => 1, 'param2' => 2);
-        csrfprotector::authorizePost();
-        $this->assertEmpty($_POST);
-
-        $_SERVER['REQUEST_METHOD'] = 'GET';
-        csrfp_wrapper::changeRequestType('GET');
-        $_GET = array('param1' => 1, 'param2' => 2);
-
-        csrfprotector::authorizePost();
-        $this->assertEmpty($_GET);
-    }
-
-    /**
-     * test authorise success
-     */
-    public function testAuthorisePost_success()
-    {
-
-        $_SERVER['REQUEST_METHOD'] = 'POST';
-        $_POST[csrfprotector::$config['CSRFP_TOKEN']]
-            = $_GET[csrfprotector::$config['CSRFP_TOKEN']]
-            = $_SESSION[csrfprotector::$config['CSRFP_TOKEN']][0];
-        $temp = $_SESSION[csrfprotector::$config['CSRFP_TOKEN']];
-
-        csrfprotector::authorizePost(); //will create new session and cookies
-        $this->assertFalse($temp == $_SESSION[csrfprotector::$config['CSRFP_TOKEN']][0]);
-        $this->assertTrue(csrfp_wrapper::checkHeader('Set-Cookie'));
-        $this->assertTrue(csrfp_wrapper::checkHeader('csrfp_token'));
-        // $this->assertTrue(csrfp_wrapper::checkHeader($_SESSION[csrfprotector::$config['CSRFP_TOKEN']][0]));  // Combine these 3 later
-
-        // For get method
-        $_SERVER['REQUEST_METHOD'] = 'GET';
-        csrfp_wrapper::changeRequestType('GET');
-        $_POST[csrfprotector::$config['CSRFP_TOKEN']]
-            = $_GET[csrfprotector::$config['CSRFP_TOKEN']]
-            = $_SESSION[csrfprotector::$config['CSRFP_TOKEN']][0];
-        $temp = $_SESSION[csrfprotector::$config['CSRFP_TOKEN']];
-
-        csrfprotector::authorizePost(); //will create new session and cookies
-        $this->assertFalse($temp == $_SESSION[csrfprotector::$config['CSRFP_TOKEN']]);
-        $this->assertTrue(csrfp_wrapper::checkHeader('Set-Cookie'));
-        $this->assertTrue(csrfp_wrapper::checkHeader('csrfp_token'));
-        // $this->assertTrue(csrfp_wrapper::checkHeader($_SESSION[csrfprotector::$config['CSRFP_TOKEN']][0]));  // Combine these 3 later
-    }
-
-    /**
-     * test for generateAuthToken()
-     */
-    public function testGenerateAuthToken()
-    {
-        csrfprotector::$config['tokenLength'] = 20;
-        $token1 = csrfprotector::generateAuthToken();
-        $token2 = csrfprotector::generateAuthToken();
-
-        $this->assertFalse($token1 == $token2);
-        $this->assertEquals(strlen($token1), 20);
-        $this->assertRegExp('/^[a-z0-9]{20}$/', $token1);
-
-        csrfprotector::$config['tokenLength'] = 128;
-        $token = csrfprotector::generateAuthToken();
-        $this->assertEquals(strlen($token), 128);
-        $this->assertRegExp('/^[a-z0-9]{128}$/', $token);
-    }
-
-    /**
-     * test ob_handler_function
-     */
-    public function testob_handler()
-    {
-        csrfprotector::$config['disabledJavascriptMessage'] = 'test message';
-        csrfprotector::$config['jsUrl'] = 'http://localhost/test/csrf/js/csrfprotector.js';
-
-        $testHTML = '<html>';
-        $testHTML .= '<head><title>1</title>';
-        $testHTML .= '<body onload="test()">';
-        $testHTML .= '-- some static content --';
-        $testHTML .= '-- some static content --';
-        $testHTML .= '</body>';
-        $testHTML .= '</head></html>';
-
-        $modifiedHTML = csrfprotector::ob_handler($testHTML, 0);
-        $inpLength = strlen($testHTML);
-        $outLength = strlen($modifiedHTML);
-
-        //Check if file has been modified
-        $this->assertFalse($outLength == $inpLength);
-        $this->assertTrue(strpos($modifiedHTML, '<noscript>') !== false);
-        $this->assertTrue(strpos($modifiedHTML, '<script') !== false);
-
-    }
-
-    /**
-     * test ob_handler_function for output filter
-     */
-    public function testob_handler_positioning()
-    {
-        csrfprotector::$config['disabledJavascriptMessage'] = 'test message';
-        csrfprotector::$config['jsUrl'] = 'http://localhost/test/csrf/js/csrfprotector.js';
-
-        $testHTML = '<html>';
-        $testHTML .= '<head><title>1</title>';
-        $testHTML .= '<body onload="test()">';
-        $testHTML .= '-- some static content --';
-        $testHTML .= '-- some static content --';
-        $testHTML .= '</body>';
-        $testHTML .= '</head></html>';
-
-        $modifiedHTML = csrfprotector::ob_handler($testHTML, 0);
-
-        $this->assertEquals(strpos($modifiedHTML, '<body') + 23, strpos($modifiedHTML, '<noscript'));
-        // Check if content before </body> is </script> #todo
-        //$this->markTestSkipped('todo, add appropriate test here');
-    }
-
-    /**
-     * testing exception in logging function
-     */
-    public function testgetCurrentUrl()
-    {
-        $stub = new ReflectionClass('csrfprotector');
-        $method = $stub->getMethod('getCurrentUrl');
-        $method->setAccessible(true);
-        $this->assertEquals($method->invoke(null, array()), "http://test/index.php");
-
-        $tmp_request_scheme = $_SERVER['REQUEST_SCHEME'];
-        unset($_SERVER['REQUEST_SCHEME']);
-
-        // server-https is not set
-        $this->assertEquals($method->invoke(null, array()), "http://test/index.php");
-
-        $_SERVER['HTTPS'] = 'on';
-        $this->assertEquals($method->invoke(null, array()), "https://test/index.php");
-        unset($_SERVER['HTTPS']);
-
-        $_SERVER['REQUEST_SCHEME'] = "https";
-        $this->assertEquals($method->invoke(null, array()), "https://test/index.php");
-
-        $_SERVER['REQUEST_SCHEME'] = $tmp_request_scheme;
-    }
-
-    /**
-     * testing exception in logging function
-     */
-    public function testLoggingException()
-    {
-        $stub = new ReflectionClass('csrfprotector');
-        $method = $stub->getMethod('logCSRFattack');
-        $method->setAccessible(true);
-
-        try {
-            $method->invoke(null, array());
-            $this->fail("logFileWriteError was not caught");
-        } catch (Exception $ex) {
-            // pass
-            $this->assertTrue(true);
-        }
-
-        if (!is_dir($this->logDir))
-            mkdir($this->logDir);
-        $method->invoke(null, array());
-        $this->assertTrue(file_exists($this->logDir ."/" .date("m-20y") .".log"));
-    }
-
-    /**
-     * Tests isUrlAllowed() function for various urls and configuration
-     */
-    public function testisURLallowed()
-    {
-        csrfprotector::$config['verifyGetFor'] = array('http://test/delete*', 'https://test/*');
-
-        $_SERVER['PHP_SELF'] = '/nodelete.php';
-        $this->assertTrue(csrfprotector::isURLallowed());
-
-        $_SERVER['PHP_SELF'] = '/index.php';
-        $this->assertTrue(csrfprotector::isURLallowed('http://test/index.php'));
-
-        $_SERVER['PHP_SELF'] = '/delete.php';
-        $this->assertFalse(csrfprotector::isURLallowed('http://test/delete.php'));
-
-        $_SERVER['PHP_SELF'] = '/delete_user.php';
-        $this->assertFalse(csrfprotector::isURLallowed('http://test/delete_users.php'));
-
-        $_SERVER['REQUEST_SCHEME'] = 'https';
-        $_SERVER['PHP_SELF'] = '/index.php';
-        $this->assertFalse(csrfprotector::isURLallowed('https://test/index.php'));
-
-        $_SERVER['PHP_SELF'] = '/delete_user.php';
-        $this->assertFalse(csrfprotector::isURLallowed('https://test/delete_users.php'));
-    }
-
-    /**
-     * Test for exception thrown when env variable is set by mod_csrfprotector
-     */
-    public function testModCSRFPEnabledException()
-    {
-        putenv('mod_csrfp_enabled=true');
-        $temp = $_COOKIE[csrfprotector::$config['CSRFP_TOKEN']] = 'abc';
-        $_SESSION[csrfprotector::$config['CSRFP_TOKEN']] = array('abc');
-
-        csrfProtector::$config = array();
-        csrfProtector::init();
-
-        // Assuming no config was added
-        $this->assertTrue(count(csrfProtector::$config) == 0);
-        
-        // unset the env variable
-        putenv('mod_csrfp_enabled');
-    }
-
-    /**
-     * Test for exception thrown when init() method is called multiple times
-     */
-    public function testMultipleInitializeException()
-    {
-        csrfProtector::$config = array();
-        $this->assertTrue(count(csrfProtector::$config) == 0);
-
-        $_SERVER['REQUEST_METHOD'] = 'GET';
-        csrfProtector::init();
-
-        $this->assertTrue(count(csrfProtector::$config) == 11);
-        try {
-            csrfProtector::init();
-            $this->fail("alreadyInitializedException not raised");
-        }  catch (alreadyInitializedException $ex) {
-            // pass
-            $this->assertTrue(true);
-        } catch (Exception $ex) {
-            $this->fail("exception other than alreadyInitializedException failed");            
-        }
-    }
-}
diff --git a/data/web/inc/prerequisites.inc.php b/data/web/inc/prerequisites.inc.php
index 19b63e9b..8a96e66e 100644
--- a/data/web/inc/prerequisites.inc.php
+++ b/data/web/inc/prerequisites.inc.php
@@ -16,18 +16,6 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/lib/vendor/autoload.php';
 $u2f = new u2flib_server\U2F('https://' . $_SERVER['HTTP_HOST']);
 $tfa = new RobThree\Auth\TwoFactorAuth('mailcow UI');
 
-// OWASP CSRF Protector
-$csrfProtector = new csrfProtector;
-class mailcowCsrfProtector extends csrfprotector {
-  public static function logCSRFattack() {
-    $_SESSION['return'] = array(
-      'type' => 'danger',
-      'msg' => 'CSRF violation'
-    );
-  }
-}
-mailcowCsrfProtector::init();
-
 // Redis
 $redis = new Redis();
 $redis->connect('redis-mailcow', 6379);

From 88b0f84f3c950a5fd280edca576a022c8da7bdcc Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Mon, 15 May 2017 09:30:33 +0200
Subject: [PATCH 13/15] Minor change

---
 docker-compose.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 93a60f92..d5c4ead0 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -271,8 +271,8 @@ services:
       privileged: true
       network_mode: "host"
       volumes:
-      - /var/run/docker.sock:/var/run/docker.sock:ro
-      - /lib/modules:/lib/modules:ro
+        - /var/run/docker.sock:/var/run/docker.sock:ro
+        - /lib/modules:/lib/modules:ro
 
 networks:
   mailcow-network:

From 4c6cfa66a80e5fef7f57a7c32605e12a78c91fe2 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Mon, 15 May 2017 11:36:31 +0200
Subject: [PATCH 14/15] CSRF protection

---
 data/web/admin.php            |  1 +
 data/web/inc/footer.inc.php   |  1 +
 data/web/inc/sessions.inc.php | 51 +++++++++++++++++++++--------------
 data/web/js/admin.js          |  2 +-
 data/web/js/mailbox.js        |  4 +--
 data/web/mailbox.php          |  1 +
 6 files changed, 37 insertions(+), 23 deletions(-)

diff --git a/data/web/admin.php b/data/web/admin.php
index 384e20da..e3f978f0 100644
--- a/data/web/admin.php
+++ b/data/web/admin.php
@@ -351,6 +351,7 @@ $tfa_data = get_tfa();
 <?php
 $lang_admin = json_encode($lang['admin']);
 echo "var lang = ". $lang_admin . ";\n";
+echo "var csrf_token = '". $_SESSION['CSRF']['TOKEN'] . "';\n";
 echo "var pagination_size = '". $PAGINATION_SIZE . "';\n";
 ?>
 </script>
diff --git a/data/web/inc/footer.inc.php b/data/web/inc/footer.inc.php
index 05b7a599..605a4e7c 100644
--- a/data/web/inc/footer.inc.php
+++ b/data/web/inc/footer.inc.php
@@ -225,6 +225,7 @@ $(document).ready(function() {
 			}
 		});
 	});
+  $("<input type='hidden' value='<?=$_SESSION['CSRF']['TOKEN'];?>' />").attr("id", "csrf_token").attr("name", "csrf_token").appendTo("form");
 });
 </script>
 
diff --git a/data/web/inc/sessions.inc.php b/data/web/inc/sessions.inc.php
index b6241839..1b2c986c 100644
--- a/data/web/inc/sessions.inc.php
+++ b/data/web/inc/sessions.inc.php
@@ -15,21 +15,8 @@ else {
 }
 session_set_cookie_params($GLOBALS['SESSION_LIFETIME'], '/', $_SERVER['SERVER_NAME'], $IS_HTTPS, true);
 session_start();
-
-// Handle logouts
-if (isset($_POST["logout"])) {
-  if (isset($_SESSION["dual-login"])) {
-    $_SESSION["mailcow_cc_username"] = $_SESSION["dual-login"]["username"];
-    $_SESSION["mailcow_cc_role"] = $_SESSION["dual-login"]["role"];
-    unset($_SESSION["dual-login"]);
-  }
-  else {
-    session_regenerate_id(true);
-    session_unset();
-    session_destroy();
-    session_write_close();
-    header("Location: /");
-  }
+if (!isset($_SESSION['CSRF']['TOKEN'])) {
+  $_SESSION['CSRF']['TOKEN'] = bin2hex(random_bytes(32));
 }
 
 // Set session IP and UA
@@ -51,12 +38,36 @@ function session_check() {
   if ($_SESSION['SESS_REMOTE_UA'] != $_SERVER['HTTP_USER_AGENT']) {
     return false;
   }
+  if (!empty($_POST)) {
+    if ($_SESSION['CSRF']['TOKEN'] != $_POST['csrf_token']) {
+      return false;
+    }
+    $_SESSION['CSRF']['TOKEN'] = bin2hex(random_bytes(32));
+    $_SESSION['CSRF']['TIME'] = time();
+  }
   return true;
 }
+
 if (isset($_SESSION['mailcow_cc_role']) && session_check() === false) {
-  session_regenerate_id(true);
-  session_unset();
-  session_destroy();
-  session_write_close();
-  header("Location: /");
+  $_SESSION['return'] = array(
+    'type' => 'warning',
+    'msg' => 'Form token invalid or timed out'
+  );
+  $_POST = array();
 }
+
+// Handle logouts
+if (isset($_POST["logout"])) {
+  if (isset($_SESSION["dual-login"])) {
+    $_SESSION["mailcow_cc_username"] = $_SESSION["dual-login"]["username"];
+    $_SESSION["mailcow_cc_role"] = $_SESSION["dual-login"]["role"];
+    unset($_SESSION["dual-login"]);
+  }
+  else {
+    session_regenerate_id(true);
+    session_unset();
+    session_destroy();
+    session_write_close();
+    header("Location: /");
+  }
+}
\ No newline at end of file
diff --git a/data/web/js/admin.js b/data/web/js/admin.js
index 96c189be..711070dd 100644
--- a/data/web/js/admin.js
+++ b/data/web/js/admin.js
@@ -52,7 +52,7 @@ $(document).ready(function() {
         $.ajax({
           type: "POST",
           dataType: "json",
-          data: { "items": JSON.stringify(data_array) },
+          data: { "items": JSON.stringify(data_array), "csrf_token": csrf_token },
           url: '/api/v1/' + api_url,
           jsonp: false,
           complete: function (data) {
diff --git a/data/web/js/mailbox.js b/data/web/js/mailbox.js
index 5bd9a64e..bd802fe9 100644
--- a/data/web/js/mailbox.js
+++ b/data/web/js/mailbox.js
@@ -43,7 +43,7 @@ $(document).ready(function() {
       $.ajax({
         type: "POST",
         dataType: "json",
-        data: { "items": JSON.stringify(data_array), "attr": JSON.stringify(api_attr) },
+        data: { "items": JSON.stringify(data_array), "attr": JSON.stringify(api_attr), "csrf_token": csrf_token },
         url: '/api/v1/' + api_url,
         jsonp: false,
         complete: function (data) {
@@ -76,7 +76,7 @@ $(document).ready(function() {
         $.ajax({
           type: "POST",
           dataType: "json",
-          data: { "items": JSON.stringify(data_array) },
+          data: { "items": JSON.stringify(data_array), "csrf_token": csrf_token },
           url: '/api/v1/' + api_url,
           jsonp: false,
           complete: function (data) {
diff --git a/data/web/mailbox.php b/data/web/mailbox.php
index 6853a9d9..b04ae968 100644
--- a/data/web/mailbox.php
+++ b/data/web/mailbox.php
@@ -172,6 +172,7 @@ $_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
 <?php
 $lang_mailbox = json_encode($lang['mailbox']);
 echo "var lang = ". $lang_mailbox . ";\n";
+echo "var csrf_token = '". $_SESSION['CSRF']['TOKEN'] . "';\n";
 $role = ($_SESSION['mailcow_cc_role'] == "admin") ? 'admin' : 'domainadmin';
 echo "var role = '". $role . "';\n";
 echo "var pagination_size = '". $PAGINATION_SIZE . "';\n";

From 4007db08625257379a26f88acb4fcd68fe6e2440 Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Tue, 16 May 2017 09:50:15 +0200
Subject: [PATCH 15/15] Fix domain actions

---
 data/web/js/mailbox.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/data/web/js/mailbox.js b/data/web/js/mailbox.js
index bd802fe9..0ec0d5e2 100644
--- a/data/web/js/mailbox.js
+++ b/data/web/js/mailbox.js
@@ -128,6 +128,7 @@ jQuery(function($){
         {"name":"max_quota_for_mbox","title":lang.mailbox_quota,"breakpoints":"xs sm"},
         {"name":"backupmx","filterable": false,"style":{"maxWidth":"120px","width":"120px"},"title":lang.backup_mx,"breakpoints":"xs sm"},
         {"name":"active","filterable": false,"style":{"maxWidth":"80px","width":"80px"},"title":lang.active},
+        {"name":"action","filterable": false,"sortable": false,"style":{"text-align":"right","maxWidth":"180px","width":"180px"},"type":"html","title":lang.action,"breakpoints":"xs sm"}
       ],
       "rows": $.ajax({
         dataType: 'json',