mirror of
https://github.com/the-djmaze/snappymail.git
synced 2024-09-20 15:45:55 +08:00
Cleanup \headers()
This commit is contained in:
djmaze
parent
212aeb6910
commit
17ae0eac5b
|
|
@ -431,14 +431,14 @@ class Http
|
||||||
{
|
{
|
||||||
if ($bSetCacheHeader)
|
if ($bSetCacheHeader)
|
||||||
{
|
{
|
||||||
\header('Cache-Control: public', true);
|
\header('Cache-Control: public');
|
||||||
\header('Pragma: public', true);
|
\header('Pragma: public');
|
||||||
\header('Last-Modified: '.\gmdate('D, d M Y H:i:s', $iUtcTimeStamp - $iExpireTime).' UTC', true);
|
\header('Last-Modified: '.\gmdate('D, d M Y H:i:s', $iUtcTimeStamp - $iExpireTime).' UTC');
|
||||||
\header('Expires: '.\gmdate('D, j M Y H:i:s', $iUtcTimeStamp + $iExpireTime).' UTC', true);
|
\header('Expires: '.\gmdate('D, j M Y H:i:s', $iUtcTimeStamp + $iExpireTime).' UTC');
|
||||||
|
|
||||||
if (0 < strlen($sEtag))
|
if (0 < strlen($sEtag))
|
||||||
{
|
{
|
||||||
\header('Etag: '.$sEtag, true);
|
\header('Etag: '.$sEtag);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -463,8 +463,7 @@ class Http
|
||||||
$bCache = true;
|
$bCache = true;
|
||||||
\header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
|
\header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
|
||||||
\header('Last-Modified: '.\gmdate('D, d M Y H:i:s').' GMT');
|
\header('Last-Modified: '.\gmdate('D, d M Y H:i:s').' GMT');
|
||||||
\header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
|
\header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0');
|
||||||
\header('Cache-Control: post-check=0, pre-check=0', false);
|
|
||||||
\header('Pragma: no-cache');
|
\header('Pragma: no-cache');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -478,10 +477,10 @@ class Http
|
||||||
if (false === $bCache)
|
if (false === $bCache)
|
||||||
{
|
{
|
||||||
$bCache = true;
|
$bCache = true;
|
||||||
\header('Cache-Control: private', true);
|
\header('Cache-Control: private');
|
||||||
\header('ETag: '.$sEtag, true);
|
\header('ETag: '.$sEtag);
|
||||||
\header('Last-Modified: '.\gmdate('D, d M Y H:i:s', $iLastModified).' UTC', true);
|
\header('Last-Modified: '.\gmdate('D, d M Y H:i:s', $iLastModified).' UTC');
|
||||||
\header('Expires: '.\gmdate('D, j M Y H:i:s', $iExpires).' UTC', true);
|
\header('Expires: '.\gmdate('D, j M Y H:i:s', $iExpires).' UTC');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -264,8 +264,8 @@ trait Contacts
|
||||||
$oAccount = $this->getAccountFromToken();
|
$oAccount = $this->getAccountFromToken();
|
||||||
|
|
||||||
\header('Content-Type: text/x-vcard; charset=UTF-8');
|
\header('Content-Type: text/x-vcard; charset=UTF-8');
|
||||||
\header('Content-Disposition: attachment; filename="contacts.vcf"', true);
|
\header('Content-Disposition: attachment; filename="contacts.vcf"');
|
||||||
\header('Accept-Ranges: none', true);
|
\header('Accept-Ranges: none');
|
||||||
\header('Content-Transfer-Encoding: binary');
|
\header('Content-Transfer-Encoding: binary');
|
||||||
|
|
||||||
$this->oHttp->ServerNoCache();
|
$this->oHttp->ServerNoCache();
|
||||||
|
|
@ -279,8 +279,8 @@ trait Contacts
|
||||||
$oAccount = $this->getAccountFromToken();
|
$oAccount = $this->getAccountFromToken();
|
||||||
|
|
||||||
\header('Content-Type: text/csv; charset=UTF-8');
|
\header('Content-Type: text/csv; charset=UTF-8');
|
||||||
\header('Content-Disposition: attachment; filename="contacts.csv"', true);
|
\header('Content-Disposition: attachment; filename="contacts.csv"');
|
||||||
\header('Accept-Ranges: none', true);
|
\header('Accept-Ranges: none');
|
||||||
\header('Content-Transfer-Encoding: binary');
|
\header('Content-Transfer-Encoding: binary');
|
||||||
|
|
||||||
$this->oHttp->ServerNoCache();
|
$this->oHttp->ServerNoCache();
|
||||||
|
|
|
||||||
|
|
@ -18,7 +18,7 @@ trait Raw
|
||||||
$iUid = (int) (isset($aValues['Uid']) ? $aValues['Uid'] : 0);
|
$iUid = (int) (isset($aValues['Uid']) ? $aValues['Uid'] : 0);
|
||||||
$sMimeIndex = (string) (isset($aValues['MimeIndex']) ? $aValues['MimeIndex'] : '');
|
$sMimeIndex = (string) (isset($aValues['MimeIndex']) ? $aValues['MimeIndex'] : '');
|
||||||
|
|
||||||
\header('Content-Type: text/plain', true);
|
\header('Content-Type: text/plain');
|
||||||
|
|
||||||
return $this->MailClient()->MessageMimeStream(function ($rResource) {
|
return $this->MailClient()->MessageMimeStream(function ($rResource) {
|
||||||
if (\is_resource($rResource))
|
if (\is_resource($rResource))
|
||||||
|
|
@ -157,9 +157,9 @@ trait Raw
|
||||||
{
|
{
|
||||||
\header('Content-Type: '.$sContentTypeOut);
|
\header('Content-Type: '.$sContentTypeOut);
|
||||||
\header('Content-Disposition: attachment; '.
|
\header('Content-Disposition: attachment; '.
|
||||||
\trim(\MailSo\Base\Utils::EncodeHeaderUtf8AttributeValue('filename', $sFileNameOut)), true);
|
\trim(\MailSo\Base\Utils::EncodeHeaderUtf8AttributeValue('filename', $sFileNameOut)));
|
||||||
|
|
||||||
\header('Accept-Ranges: none', true);
|
\header('Accept-Ranges: none');
|
||||||
\header('Content-Transfer-Encoding: binary');
|
\header('Content-Transfer-Encoding: binary');
|
||||||
|
|
||||||
\MailSo\Base\Utils::FpassthruWithTimeLimitReset($rResource);
|
\MailSo\Base\Utils::FpassthruWithTimeLimitReset($rResource);
|
||||||
|
|
@ -217,7 +217,7 @@ trait Raw
|
||||||
{
|
{
|
||||||
$oImage = static::loadImage(\stream_get_contents($rResource), $bDetectImageOrientation, 60);
|
$oImage = static::loadImage(\stream_get_contents($rResource), $bDetectImageOrientation, 60);
|
||||||
\header('Content-Disposition: inline; '.
|
\header('Content-Disposition: inline; '.
|
||||||
\trim(\MailSo\Base\Utils::EncodeHeaderUtf8AttributeValue('filename', $sFileNameOut.'_thumb60x60.png')), true);
|
\trim(\MailSo\Base\Utils::EncodeHeaderUtf8AttributeValue('filename', $sFileNameOut.'_thumb60x60.png')));
|
||||||
$oImage->show('png');
|
$oImage->show('png');
|
||||||
// $oImage->show('webp'); // Little Britain: "Safari says NO"
|
// $oImage->show('webp'); // Little Britain: "Safari says NO"
|
||||||
exit;
|
exit;
|
||||||
|
|
@ -235,7 +235,7 @@ trait Raw
|
||||||
$sLoadedData = \stream_get_contents($rResource);
|
$sLoadedData = \stream_get_contents($rResource);
|
||||||
$oImage = static::loadImage($sLoadedData, $bDetectImageOrientation);
|
$oImage = static::loadImage($sLoadedData, $bDetectImageOrientation);
|
||||||
\header('Content-Disposition: inline; '.
|
\header('Content-Disposition: inline; '.
|
||||||
\trim(\MailSo\Base\Utils::EncodeHeaderUtf8AttributeValue('filename', $sFileNameOut)), true);
|
\trim(\MailSo\Base\Utils::EncodeHeaderUtf8AttributeValue('filename', $sFileNameOut)));
|
||||||
$oImage->show();
|
$oImage->show();
|
||||||
}
|
}
|
||||||
catch (\Throwable $oException)
|
catch (\Throwable $oException)
|
||||||
|
|
@ -254,7 +254,7 @@ trait Raw
|
||||||
if (!headers_sent()) {
|
if (!headers_sent()) {
|
||||||
\header('Content-Type: '.$sContentTypeOut);
|
\header('Content-Type: '.$sContentTypeOut);
|
||||||
\header('Content-Disposition: '.($bDownload ? 'attachment' : 'inline').'; '.
|
\header('Content-Disposition: '.($bDownload ? 'attachment' : 'inline').'; '.
|
||||||
\trim(\MailSo\Base\Utils::EncodeHeaderUtf8AttributeValue('filename', $sFileNameOut)), true);
|
\trim(\MailSo\Base\Utils::EncodeHeaderUtf8AttributeValue('filename', $sFileNameOut)));
|
||||||
|
|
||||||
\header('Accept-Ranges: bytes');
|
\header('Accept-Ranges: bytes');
|
||||||
\header('Content-Transfer-Encoding: binary');
|
\header('Content-Transfer-Encoding: binary');
|
||||||
|
|
@ -298,7 +298,7 @@ trait Raw
|
||||||
|
|
||||||
if (0 < $iContentLength)
|
if (0 < $iContentLength)
|
||||||
{
|
{
|
||||||
\header('Content-Length: '.$iContentLength, true);
|
\header('Content-Length: '.$iContentLength);
|
||||||
\header('Content-Range: bytes '.$sRangeStart.'-'.(0 < $iRangeEnd ? $iRangeEnd : $iFullContentLength - 1).'/'.$iFullContentLength);
|
\header('Content-Range: bytes '.$sRangeStart.'-'.(0 < $iRangeEnd ? $iRangeEnd : $iFullContentLength - 1).'/'.$iFullContentLength);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -53,7 +53,7 @@ class Service
|
||||||
$sServer = \trim($this->oActions->Config()->Get('security', 'custom_server_signature', ''));
|
$sServer = \trim($this->oActions->Config()->Get('security', 'custom_server_signature', ''));
|
||||||
if (0 < \strlen($sServer))
|
if (0 < \strlen($sServer))
|
||||||
{
|
{
|
||||||
\header('Server: '.$sServer, true);
|
\header('Server: '.$sServer);
|
||||||
}
|
}
|
||||||
|
|
||||||
\header('Referrer-Policy: no-referrer');
|
\header('Referrer-Policy: no-referrer');
|
||||||
|
|
@ -65,14 +65,14 @@ class Service
|
||||||
$this->setCSP();
|
$this->setCSP();
|
||||||
|
|
||||||
$sXFrameOptionsHeader = \trim($this->oActions->Config()->Get('security', 'x_frame_options_header', '')) ?: 'DENY';
|
$sXFrameOptionsHeader = \trim($this->oActions->Config()->Get('security', 'x_frame_options_header', '')) ?: 'DENY';
|
||||||
\header('X-Frame-Options: '.$sXFrameOptionsHeader, true);
|
\header('X-Frame-Options: '.$sXFrameOptionsHeader);
|
||||||
|
|
||||||
$sXssProtectionOptionsHeader = \trim($this->oActions->Config()->Get('security', 'x_xss_protection_header', '')) ?: '1; mode=block';
|
$sXssProtectionOptionsHeader = \trim($this->oActions->Config()->Get('security', 'x_xss_protection_header', '')) ?: '1; mode=block';
|
||||||
\header('X-XSS-Protection: '.$sXssProtectionOptionsHeader, true);
|
\header('X-XSS-Protection: '.$sXssProtectionOptionsHeader);
|
||||||
|
|
||||||
if ($this->oActions->Config()->Get('labs', 'force_https', false) && !$this->oHttp->IsSecure())
|
if ($this->oActions->Config()->Get('labs', 'force_https', false) && !$this->oHttp->IsSecure())
|
||||||
{
|
{
|
||||||
\header('Location: https://'.$this->oHttp->GetHost(false, false).$this->oHttp->GetUrl(), true);
|
\header('Location: https://'.$this->oHttp->GetHost(false, false).$this->oHttp->GetUrl());
|
||||||
exit(0);
|
exit(0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -224,7 +224,7 @@ class Service
|
||||||
// Knockout.js requires eval() for observable binding purposes
|
// Knockout.js requires eval() for observable binding purposes
|
||||||
//$sContentSecurityPolicy = \preg_replace("/(script-src[^;]+)'unsafe-eval'/", '$1', $sContentSecurityPolicy);
|
//$sContentSecurityPolicy = \preg_replace("/(script-src[^;]+)'unsafe-eval'/", '$1', $sContentSecurityPolicy);
|
||||||
}
|
}
|
||||||
\header('Content-Security-Policy: '.$sContentSecurityPolicy, true);
|
\header('Content-Security-Policy: '.$sContentSecurityPolicy);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function staticPath(string $sPath) : string
|
private function staticPath(string $sPath) : string
|
||||||
|
|
|
||||||
|
|
@ -393,8 +393,8 @@ class ServiceActions
|
||||||
$sMethodName = 'Raw'.$sAction;
|
$sMethodName = 'Raw'.$sAction;
|
||||||
if (\method_exists($this->oActions, $sMethodName))
|
if (\method_exists($this->oActions, $sMethodName))
|
||||||
{
|
{
|
||||||
\header('X-Raw-Action: '.$sMethodName, true);
|
\header('X-Raw-Action: '.$sMethodName);
|
||||||
\header('Content-Security-Policy: script-src \'none\'; child-src \'none\'', true);
|
\header('Content-Security-Policy: script-src \'none\'; child-src \'none\'');
|
||||||
|
|
||||||
$sRawError = '';
|
$sRawError = '';
|
||||||
$this->oActions->SetActionParams(array(
|
$this->oActions->SetActionParams(array(
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue