nik/davical
1
0
Fork 0
mirror of https://gitlab.com/davical-project/davical.git synced 2026-01-27 00:33:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,654 Commits 11 Branches 58 Tags 14 MiB
Commit Graph

37 Commits

Author SHA1 Message Date
Florian Schlichting
2ab18d802e turn cherry-picked commits into a quilt patch and prepare security upload 2019-12-13 07:34:35 +08:00
nielsvangijzen
c7eca6dd4a Added CSRF to the application (took in account backwards compatibility) 
Mitigated the XSS vulnerabilities reported by HackDefense
Advisories for said vulnerabilities can be found here:
https://hackdefense.com/publications/cve-2019-18345-davical-caldav-server-vulnerability
https://hackdefense.com/publications/cve-2019-18346-davical-caldav-server-vulnerability
https://hackdefense.com/publications/cve-2019-18347-davical-caldav-server-vulnerability
 2019-12-12 00:53:56 +08:00
Florian Schlichting
2c11535eb0 use secure URIs where possible 2017-01-08 15:48:52 +01:00
Florian Schlichting
fd36a1f5a5 destroy LSID cookie when actively hitting "Logout" (fixes #56, Debian #703138) 2017-01-08 02:12:22 +01:00
Florian Schlichting
93d3b6daba remove logout button when the webserver does auth, or use a configured logout URL (fixes #67, Debian #703130) 2017-01-08 02:08:13 +01:00
Florian Schlichting
f1595efb48 add the iSchedule administration helper to the menu to give it more visibility and testing 
and only show 'List External Calendars' in one (the Admin's) menu
 2016-01-08 14:54:19 +01:00
Jim Fenton
a877ef47c5 Correct links to mailing list archives and bug report location 2014-11-22 22:10:40 -08:00
Christoph Anton Mitterer
4ae44558c7 update addresses to the new canonical location 
* Updated all addresses of the canonical git upstream repository and the issue
  tracker to the new ones.

Conflicts:
	po/de.po
	po/es_AR.po
	po/es_ES.po
	po/es_MX.po
	po/es_VE.po
	po/et.po
	po/fr.po
	po/hu.po
	po/it.po
	po/ja.po
	po/nb_NO.po
	po/nl.po
	po/pl.po
	po/pt_BR.po
	po/pt_PT.po
	po/ru.po
	po/sv.po
 2013-09-02 14:40:33 +12:00
Rob Ostensen
8302d79118 Merge branch 'master' of git://repo.or.cz/davical into sched 2011-10-07 04:14:46 -05:00
Andrew McMillan
ec2c7084a8 Move 'List External Calendars' to admin menu. 2011-10-07 09:58:57 +02:00
Rob Ostensen
7f3024a4b6 add a page to list externally bound calendars, still missing the edit page and a button to remove dangling entries 2011-10-07 09:46:31 +02:00
Rob Ostensen
6ce4c09a1f add a page to list externally bound calendars, still missing the edit page and a button to remove dangling entries 2011-10-07 01:52:32 -05:00
Andrew McMillan
356a69e56f Rename 'Import Calendars' to 'Tools' since LDAP is more likely. 2010-09-25 22:32:04 +12:00
Andrew McMillan
15b8d658b3 Add a link to list inactive principals. 2010-02-24 16:28:15 +13:00
Andrew McMillan
9338bf48ac Remove link to old users browse page. 2010-02-23 22:59:36 +13:00
Andrew McMillan
580d5312c3 Remove misguided include logic. 2010-02-02 13:30:30 +13:00
Andrew McMillan
4695353b1a Clarify menu wording. Remove relationships page (yay!). 2009-12-21 22:28:24 +13:00
Andrew McMillan
34a82968a8 Retitle 'New User' to 'New Principal' 2009-12-13 16:54:24 +13:00
Andrew McMillan
62e43e1be3 Rename davical.php to admin.php which is more appropriate. 2009-12-04 22:57:03 +13:00
Andrew McMillan
516dc03880 New screens for browsing/editing Principals & Collections. 2009-11-22 22:33:56 +13:00
Andrew McMillan
74ccdb910a Menu restructuring. 2009-10-27 09:34:43 +13:00
Andrew McMillan
adee722c97 Make the bug report request open in a new window. 2009-10-20 11:32:43 +13:00
Andrew McMillan
c3f5395bc6 Correct tooltip for Home menu option. 2009-10-16 10:21:11 +13:00
Andrew McMillan
0132e8195e Fix uninitialised variable warnings. 2008-10-27 15:10:43 +13:00
Andrew McMillan
fc66ea3bd0 Only display the relationships menu for Admin users. 2007-10-27 15:24:55 +13:00
Maxime Delorme
9a8ee2c7a1 It is safer to point menu options at /index.php rather than just / 2007-06-11 13:50:09 +01:00
Andrew McMillan
b2aa337fd8 Rename user.php => usr.php so that case-insensitive filesystems still work. 2007-05-29 22:58:36 +12:00
Maxime Delorme
f00f07eb8f Changes to allow processing of a server-based directory of calendars to 
load for many people.  Moving this away from the user maintenance screen.
 2007-05-19 11:40:37 +12:00
Maxime Delorme
231f5be13b Commented code for future pages. 2007-05-05 11:37:45 +12:00
Andrew McMillan
2800808b90 Allow RSCDS to operate from a subdirectory within another virtual host, 
rather than requiring it's own virtual host.
 2006-11-30 18:09:38 +13:00
Andrew McMillan
3a5cb76191 Apply the i18n framework in various places. 2006-11-05 22:27:37 +13:00
Andrew McMillan
6999306e5e Add link to Sourceforge Bug creation page. 2006-10-29 10:47:11 +13:00
Andrew McMillan
c25312c13d Allow for listing, adding & deleting relationship types. 2009-09-09 21:43:06 +12:00
Andrew McMillan
93b10fde61 Remove the reference to an old include. 2006-10-13 18:21:20 +13:00
Andrew McMillan
f649e1b49d Many changes to get user maintenance basically working, make the layout 
all look somewhat nicer, and start to try and work with Mulberry, including
implementing MKCALENDAR and PROPFIND in at least a basic manner.
 2006-10-01 20:46:28 +13:00
Andrew McMillan
db963fadf6 Now supports user create, view & edit with role assignment. Also starts to 
support the PROPFIND request that Mulberry makes but does not fully support
Mulberry yet (their timezones are non-standard).
 2006-09-27 09:53:34 +12:00
Andrew McMillan
a57d690167 Kinda working with both Lightning & Evolution now. About to restructure to 
add TODO items and make certain queries easier.
 2006-09-21 18:24:26 +12:00