Cleanup \headers()

djmaze 2021-08-18 13:13:50 +02:00
parent 212aeb6910
commit 17ae0eac5b
5 changed files with 28 additions and 29 deletions


@ -431,14 +431,14 @@ class Http
{
if ($bSetCacheHeader)
{
\header('Cache-Control: public', true);
\header('Pragma: public', true);
\header('Last-Modified: '.\gmdate('D, d M Y H:i:s', $iUtcTimeStamp - $iExpireTime).' UTC', true);
\header('Expires: '.\gmdate('D, j M Y H:i:s', $iUtcTimeStamp + $iExpireTime).' UTC', true);
\header('Cache-Control: public');
\header('Pragma: public');
\header('Last-Modified: '.\gmdate('D, d M Y H:i:s', $iUtcTimeStamp - $iExpireTime).' UTC');
\header('Expires: '.\gmdate('D, j M Y H:i:s', $iUtcTimeStamp + $iExpireTime).' UTC');
if (0 < strlen($sEtag))
{
\header('Etag: '.$sEtag, true);
\header('Etag: '.$sEtag);
}
}
}
@ -463,8 +463,7 @@ class Http
$bCache = true;
\header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
\header('Last-Modified: '.\gmdate('D, d M Y H:i:s').' GMT');
\header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
\header('Cache-Control: post-check=0, pre-check=0', false);
\header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0');
\header('Pragma: no-cache');
}
}
@ -478,10 +477,10 @@ class Http
if (false === $bCache)
{
$bCache = true;
\header('Cache-Control: private', true);
\header('ETag: '.$sEtag, true);
\header('Last-Modified: '.\gmdate('D, d M Y H:i:s', $iLastModified).' UTC', true);
\header('Expires: '.\gmdate('D, j M Y H:i:s', $iExpires).' UTC', true);
\header('Cache-Control: private');
\header('ETag: '.$sEtag);
\header('Last-Modified: '.\gmdate('D, d M Y H:i:s', $iLastModified).' UTC');
\header('Expires: '.\gmdate('D, j M Y H:i:s', $iExpires).' UTC');
}
}
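Review bot: The `Last-Modified` and `Expires` values in the first and third hunks are not valid HTTP-dates: they end in ` UTC` instead of `GMT`, and `Expires` uses `j`, which drops the leading zero on days 1–9. Caches are expected to treat an unparsable `Expires` as already expired, and a validator that cannot be parsed may never match, so the caching these branches set up can silently not happen. Since the lines are being touched anyway, use the form the no-cache branch in the second hunk already has, e.g. `\header('Expires: '.\gmdate('D, d M Y H:i:s', $iExpires).' GMT');`. The enclosing methods begin and end outside the hunks.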


@ -264,8 +264,8 @@ trait Contacts
$oAccount = $this->getAccountFromToken();
\header('Content-Type: text/x-vcard; charset=UTF-8');
\header('Content-Disposition: attachment; filename="contacts.vcf"', true);
\header('Accept-Ranges: none', true);
\header('Content-Disposition: attachment; filename="contacts.vcf"');
\header('Accept-Ranges: none');
\header('Content-Transfer-Encoding: binary');
$this->oHttp->ServerNoCache();
@ -279,8 +279,8 @@ trait Contacts
$oAccount = $this->getAccountFromToken();
\header('Content-Type: text/csv; charset=UTF-8');
\header('Content-Disposition: attachment; filename="contacts.csv"', true);
\header('Accept-Ranges: none', true);
\header('Content-Disposition: attachment; filename="contacts.csv"');
\header('Accept-Ranges: none');
\header('Content-Transfer-Encoding: binary');
$this->oHttp->ServerNoCache();
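Review bot: `Content-Transfer-Encoding: binary` in both export hunks is a MIME field that HTTP does not use, so it could be dropped in this same cleanup; the identical line also appears in two of the Raw hunks. Removing it changes nothing for clients and leaves these responses with only headers that carry meaning. Both export methods continue outside the hunks.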


@ -18,7 +18,7 @@ trait Raw
$iUid = (int) (isset($aValues['Uid']) ? $aValues['Uid'] : 0);
$sMimeIndex = (string) (isset($aValues['MimeIndex']) ? $aValues['MimeIndex'] : '');
\header('Content-Type: text/plain', true);
\header('Content-Type: text/plain');
return $this->MailClient()->MessageMimeStream(function ($rResource) {
if (\is_resource($rResource))
@ -157,9 +157,9 @@ trait Raw
{
\header('Content-Type: '.$sContentTypeOut);
\header('Content-Disposition: attachment; '.
\trim(\MailSo\Base\Utils::EncodeHeaderUtf8AttributeValue('filename', $sFileNameOut)), true);
\trim(\MailSo\Base\Utils::EncodeHeaderUtf8AttributeValue('filename', $sFileNameOut)));
\header('Accept-Ranges: none', true);
\header('Accept-Ranges: none');
\header('Content-Transfer-Encoding: binary');
\MailSo\Base\Utils::FpassthruWithTimeLimitReset($rResource);
@ -217,7 +217,7 @@ trait Raw
{
$oImage = static::loadImage(\stream_get_contents($rResource), $bDetectImageOrientation, 60);
\header('Content-Disposition: inline; '.
\trim(\MailSo\Base\Utils::EncodeHeaderUtf8AttributeValue('filename', $sFileNameOut.'_thumb60x60.png')), true);
\trim(\MailSo\Base\Utils::EncodeHeaderUtf8AttributeValue('filename', $sFileNameOut.'_thumb60x60.png')));
$oImage->show('png');
// $oImage->show('webp'); // Little Britain: "Safari says NO"
exit;
@ -235,7 +235,7 @@ trait Raw
$sLoadedData = \stream_get_contents($rResource);
$oImage = static::loadImage($sLoadedData, $bDetectImageOrientation);
\header('Content-Disposition: inline; '.
\trim(\MailSo\Base\Utils::EncodeHeaderUtf8AttributeValue('filename', $sFileNameOut)), true);
\trim(\MailSo\Base\Utils::EncodeHeaderUtf8AttributeValue('filename', $sFileNameOut)));
$oImage->show();
}
catch (\Throwable $oException)
@ -254,7 +254,7 @@ trait Raw
if (!headers_sent()) {
\header('Content-Type: '.$sContentTypeOut);
\header('Content-Disposition: '.($bDownload ? 'attachment' : 'inline').'; '.
\trim(\MailSo\Base\Utils::EncodeHeaderUtf8AttributeValue('filename', $sFileNameOut)), true);
\trim(\MailSo\Base\Utils::EncodeHeaderUtf8AttributeValue('filename', $sFileNameOut)));
\header('Accept-Ranges: bytes');
\header('Content-Transfer-Encoding: binary');
@ -298,7 +298,7 @@ trait Raw
if (0 < $iContentLength)
{
\header('Content-Length: '.$iContentLength, true);
\header('Content-Length: '.$iContentLength);
\header('Content-Range: bytes '.$sRangeStart.'-'.(0 < $iRangeEnd ? $iRangeEnd : $iFullContentLength - 1).'/'.$iFullContentLength);
}
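Review bot: The handlers in these hunks send bytes taken from a mail message with `\header('Content-Type: '.$sContentTypeOut);` and, in the thumbnail and view branches, `Content-Disposition: inline`, but no `X-Content-Type-Options` header appears beside them. If `$sContentTypeOut` can come out generic or wrong (its derivation is outside the hunks), a browser may sniff the body and render sender-controlled content in the webmail origin. Unless that header is already sent globally, add `\header('X-Content-Type-Options: nosniff');` next to each `Content-Type` line, including the `text/plain` one in the first hunk. The enclosing closures start and end outside the hunks.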


@ -53,7 +53,7 @@ class Service
$sServer = \trim($this->oActions->Config()->Get('security', 'custom_server_signature', ''));
if (0 < \strlen($sServer))
{
\header('Server: '.$sServer, true);
\header('Server: '.$sServer);
}
\header('Referrer-Policy: no-referrer');
@ -65,14 +65,14 @@ class Service
$this->setCSP();
$sXFrameOptionsHeader = \trim($this->oActions->Config()->Get('security', 'x_frame_options_header', '')) ?: 'DENY';
\header('X-Frame-Options: '.$sXFrameOptionsHeader, true);
\header('X-Frame-Options: '.$sXFrameOptionsHeader);
$sXssProtectionOptionsHeader = \trim($this->oActions->Config()->Get('security', 'x_xss_protection_header', '')) ?: '1; mode=block';
\header('X-XSS-Protection: '.$sXssProtectionOptionsHeader, true);
\header('X-XSS-Protection: '.$sXssProtectionOptionsHeader);
if ($this->oActions->Config()->Get('labs', 'force_https', false) && !$this->oHttp->IsSecure())
{
\header('Location: https://'.$this->oHttp->GetHost(false, false).$this->oHttp->GetUrl(), true);
\header('Location: https://'.$this->oHttp->GetHost(false, false).$this->oHttp->GetUrl());
exit(0);
}
@ -224,7 +224,7 @@ class Service
// Knockout.js requires eval() for observable binding purposes
//$sContentSecurityPolicy = \preg_replace("/(script-src[^;]+)'unsafe-eval'/", '$1', $sContentSecurityPolicy);
}
\header('Content-Security-Policy: '.$sContentSecurityPolicy, true);
\header('Content-Security-Policy: '.$sContentSecurityPolicy);
}
private function staticPath(string $sPath) : string
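Review bot: The `force_https` redirect builds `Location` from `GetHost(false, false)` and `GetUrl()`; if those return the request's `Host` header and URI unvalidated (their implementation is not shown), the redirect target is chosen by the client rather than by the server. Prefer a configured canonical host for this redirect, or check the host against an allow-list before emitting it. It is also worth stating the status explicitly, e.g. `\header('Location: https://'.$sHost.$sUrl, true, 301);` with `$sHost` and `$sUrl` standing for the validated values, rather than relying on PHP's implicit 302. The enclosing method continues outside the hunk.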


@ -393,8 +393,8 @@ class ServiceActions
$sMethodName = 'Raw'.$sAction;
if (\method_exists($this->oActions, $sMethodName))
{
\header('X-Raw-Action: '.$sMethodName, true);
\header('Content-Security-Policy: script-src \'none\'; child-src \'none\'', true);
\header('X-Raw-Action: '.$sMethodName);
\header('Content-Security-Policy: script-src \'none\'; child-src \'none\'');
$sRawError = '';
$this->oActions->SetActionParams(array(