andryyy
aef15f004a
[Web] Allow CIDR as allowed API networks; other minor fixes
2020-05-04 07:51:50 +02:00
Timo N
048899ad71
[Web] Fixed read write API permissions ( #3465 )
2020-04-11 07:33:13 +02:00
andryyy
8f4540d5d9
[Web] r/o API keys, Pushover integration (can be limited by ACL), other minor changes
2020-04-10 21:00:23 +02:00
andryyy
0ac4281f0e
[Web] Allow to skip IP check for API
2020-02-16 20:08:36 +01:00
ntimo
cb9ab928b3
[Web] Replaced die(); with exit(); due to code conventions
2019-10-04 08:40:24 +02:00
ntimo
8b5be0b56d
[Web] Return 401 status code when API authentication fails
2019-10-02 13:05:12 +02:00
andryyy
c8047b9555
[Web] Change session timeout handling
...
[Rspamd] Add missing spamassassin.conf
2019-04-14 13:01:47 +02:00
andryyy
3c4c760e29
[Web] Allow logout with broken session
...
[Web] Try to set aria hidden to false when a modal opens
2019-03-25 12:33:58 +01:00
andryyy
a599536499
[Web] Various session fixes
2019-02-04 22:34:03 +01:00
André
d39eab53a3
[Web] Fix API
2018-10-16 20:09:01 +02:00
André
9f0be1d8a8
[Web] Fix require_once to always include document root
...
[Web] Add system mails (send mails to all mailboxes via LMTP)
[Web] Allow to add more administrators
[Web] Fix domain administrator editing
[Web] Remove some foreign keys
[Web] Remove username from API
[Web] Remove more .php extension from code
[Web] More minor fixes
2018-10-11 11:59:23 +02:00
André
a11cce6765
[Web] Fixes for BCC map input fields
...
[Web] Allow to edit alias address
[Web] $_SESSION['return'] now contains arrays and allows multiple returned messages and log entries
[Web] Some language string changes
[Web] General SQL exception handler, remove all try catch handlers
[Web] Alias table now has an ID as primary key
[Web] Be more aggressive with localStorage cleaning
2018-08-13 23:20:40 +02:00
André
7f86a80670
[Web] Fix log line handling
...
[Web] Add mailcow UI logs
[Web] Changes to _SESSION['return'] logic and logger (more to come)
[Web] Show last login
[Web, Postfix] Allow to disable sender check completely
[Web] Many minor fixes
[Web] Update some libs
2018-08-03 20:31:33 +02:00
andre.peters
adc23d86f9
Various...
2017-12-09 13:17:15 +01:00
André
85d1ee2f49
[Web] Autodiscover returns given password decoded and trimed; Add sieve pre and post filters to UI; Move ajax called files; Rework log system: 100 entries per default, add more per click; Syncjobs: Do not read log to data attribute
2017-11-03 20:37:24 +01:00
André
81775765d8
[Web] Customize app menu and logo; Fix #671
2017-10-21 10:07:06 +02:00
andryyy
66e06a0c0c
[Web] Sync jobs can be created/viewed/edited by admins/domain admins; Various fixes or improvements
2017-07-29 10:32:17 +02:00
andryyy
9bce8f0501
[Web] Fix session timeout
2017-07-26 23:09:50 +02:00
andryyy
84ad579437
[Web] Initial ratelimit support, more API actions
2017-07-16 11:03:28 +02:00
andryyy
5a95d2062c
More changes to the UI, more API...
2017-05-29 21:51:06 +02:00
andryyy
4ffa80a669
Remove ip from session check
2017-05-18 19:45:41 +02:00
Dennis Neufeld
0d3d9b8c15
Fix bug: Session cookie domain
...
If the web domain is != mail domain, the session cookie is set to the wrong domain.
2017-05-16 19:46:24 +02:00
andryyy
e91c6916ab
CSRF protection
2017-05-15 11:37:12 +02:00
andryyy
49f28ecaf8
Destroy session when it becomes invalid
2017-05-14 21:53:08 +02:00
andryyy
3c937f75ba
Add OWASP CSRF Protector, add more secure session handling
2017-05-07 13:38:31 +02:00