From 3b7e77e6a47d2559be2db7ea337af86ef9d1b1d7 Mon Sep 17 00:00:00 2001
From: Andrew McMillan <debian@mcmillan.net.nz>
Date: Tue, 18 Nov 2008 18:19:13 +1300
Subject: [PATCH] Default allow_get_email_visibility to false, for security
 reasons.

---
 inc/always.php.in | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/inc/always.php.in b/inc/always.php.in
index 9e77ad5d..b2188db7 100644
--- a/inc/always.php.in
+++ b/inc/always.php.in
@@ -19,6 +19,7 @@ $c->system_name = "DAViCal CalDAV Server";
 $c->domain_name = $_SERVER['SERVER_NAME'];
 $c->save_time_zone_defs = true;
 $c->collections_always_exist = true;
+$c->allow_get_email_visibility = false;
 $c->home_calendar_name = 'home';
 $c->enable_row_linking = true;
 $c->http_auth_mode = 'Basic';
@@ -243,7 +244,7 @@ function ConstructURL( $partial_path ) {
 
   $url = $c->_url_script_path . $partial_path;
   $url = preg_replace( '#^(https?://.+)//#', '$1/', $url );  // Ensure we don't double any '/'
-  $url = preg_replace('#^https?://[^/]+#', '', $url );
+  $url = preg_replace('#^https?://[^/]+#', '', $url );       // Remove any protocol + hostname portion
   return $url;
 }