'[SM-CVS] SF.net SVN: squirrelmail:[13904]'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       squirrelmail-cvs
Subject:    [SM-CVS] SF.net SVN: squirrelmail:[13904]
From:       kink () users ! sourceforge ! net
Date:       2010-02-13 16:28:10
Message-ID: E1NgKqo-0007RI-V6 () sfp-svn-2 ! v30 ! ch3 ! sourceforge ! com
[Download RAW message or body]

Revision: 13904
          http://squirrelmail.svn.sourceforge.net/squirrelmail/?rev=13904&view=rev
Author:   kink
Date:     2010-02-13 16:28:10 +0000 (Sat, 13 Feb 2010)

Log Message:
-----------
Send X-DNS-Prefetch-Control: off header to browsers to prevent information
leakage when Firefox does DNS prefetching for URL's contained in emails.
https://secure.grepular.com/DNS_Prefetch_Exposure_on_Thunderbird_and_Webmail

Modified Paths:
--------------
    branches/SM-1_4-STABLE/squirrelmail/doc/ChangeLog
    branches/SM-1_4-STABLE/squirrelmail/functions/page_header.php

Modified: branches/SM-1_4-STABLE/squirrelmail/doc/ChangeLog
===================================================================
--- branches/SM-1_4-STABLE/squirrelmail/doc/ChangeLog	2010-02-13 16:27:52 UTC (rev \
                13903)
+++ branches/SM-1_4-STABLE/squirrelmail/doc/ChangeLog	2010-02-13 16:28:10 UTC (rev \
13904) @@ -16,6 +16,8 @@
   - Encoded From headers now properly quoted (#2830141).
   - Multibyte strings (notably subjects) are now handled correctly (#2824813,
     #2925731).
+  - Send X-DNS-Prefetch-Control: off header to browsers to prevent information
+    leakage when Firefox does DNS prefetching for URL's contained in emails.
 
 Version 1.4.20 RC2 - 17 Aug 2009
 --------------------------------

Modified: branches/SM-1_4-STABLE/squirrelmail/functions/page_header.php
===================================================================
--- branches/SM-1_4-STABLE/squirrelmail/functions/page_header.php	2010-02-13 16:27:52 \
                UTC (rev 13903)
+++ branches/SM-1_4-STABLE/squirrelmail/functions/page_header.php	2010-02-13 16:28:10 \
UTC (rev 13904) @@ -28,7 +28,8 @@
 
     echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">' .
          "\n\n" . html_tag( 'html' ,'' , '', '', '' ) . "\n<head>\n" .
-         "<meta name=\"robots\" content=\"noindex,nofollow\">\n";
+         "<meta name=\"robots\" content=\"noindex,nofollow\">\n" .
+         "<meta http-equiv=\"x-dns-prefetch-control\" content=\"off\">\n";
 
     if ( !isset( $custom_css ) || $custom_css == 'none' ) {
         if ($theme_css != '') {


This was sent by the SourceForge.net collaborative development platform, the world's \
largest Open Source development site.

------------------------------------------------------------------------------
SOLARIS 10 is the OS for Data Centers - provides features such as DTrace,
Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW
http://p.sf.net/sfu/solaris-dev2dev
-----
squirrelmail-cvs mailing list
List address: squirrelmail-cvs@lists.sourceforge.net
List info (subscribe/unsubscribe/change options): \
                https://lists.sourceforge.net/lists/listinfo/squirrelmail-cvs
Repository: http://squirrelmail.org/svn


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic