From 39bb3719c25c2835a237af937d40f7871d991f1f Mon Sep 17 00:00:00 2001
From: the-djmaze <>
Date: Fri, 3 Feb 2023 11:16:15 +0100
Subject: [PATCH] Moved some application.ini settings
---
 .../files/usr/local/include/application.ini | 32 +++++---
 .../libraries/RainLoop/Config/Application.php | 81 +++++++++----------
 .../app/libraries/RainLoop/Model/Account.php | 2 +-
 .../0.0.0/app/libraries/RainLoop/Service.php | 2 +-
 4 files changed, 60 insertions(+), 57 deletions(-)
diff --git a/.docker/release/files/usr/local/include/application.ini b/.docker/release/files/usr/local/include/application.ini
index 86703ab5a..5afd3334d 100644
--- a/.docker/release/files/usr/local/include/application.ini
+++ b/.docker/release/files/usr/local/include/application.ini
@@ -57,16 +57,17 @@ custom_server_signature = "SnappyMail"
 x_xss_protection_header = "1; mode=block"
 openpgp = Off
+; Access settings
+allow_admin_panel = On
+
 ; Login and password for web admin panel
 admin_login = "admin"
 admin_password = ""
 admin_totp = ""
-
-; Access settings
-allow_admin_panel = On
-hide_x_mailer_header = On
 admin_panel_host = ""
 admin_panel_key = "admin"
+force_https = Off
+hide_x_mailer_header = On
 ; For example to allow all images use "img-src https:". More info at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy#directives
 content_security_policy = ""
@@ -117,8 +118,11 @@ disable_compression = On
 [capa]
 quota = On
+
+; Allow clear folder and delete messages without moving to trash
 dangerous_actions = On
-message_actions = On
+
+; Allow download attachments as Zip (and optionally others)
 attachments_actions = On
 [login]
@@ -131,7 +135,11 @@ default_domain = ""
 ; Allow language selection on webmail login screen
 allow_languages_on_login = On
+
+; Detect language from browser header `Accept-Language`
 determine_user_language = On
+
+; Like default_domain but then HTTP_HOST/SERVER_NAME without www.
 determine_user_domain = Off
 login_lowercase = On
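Review bot: In the `[security]` hunk at `@@ -57,16 +57,17 @@`, `force_https` and `hide_x_mailer_header` now sit directly under the `; Login and password for web admin panel` comment, and `force_https` has no comment of its own although other settings touched by this patch gained one. A line such as `; Redirect plain-HTTP requests to HTTPS` above `force_https = Off` would document what the Service.php hunk of this patch does with it. Moving `admin_panel_host`, `admin_panel_key` and these two back under `; Access settings` would keep the grouping comments accurate.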
@@ -229,6 +237,8 @@ auth_syslog = On
 [debug]
 ; Special option required for development purposes
 enable = Off
+javascript = Off
+css = Off
 [cache]
 ; The section controls caching of the entire application.
@@ -256,7 +266,6 @@ http_expires = 3600
 ; Caching message UIDs when searching and sorting (threading)
 server_uids = On
-
 system_data = On
 [imap]
@@ -266,26 +275,28 @@ message_list_fast_simple_search = On
 message_list_permanent_filter = ""
 message_all_headers = Off
 show_login_alert = On
+fetch_new_messages = On
 [labs]
+; Display message RFC 2822 date and time header, instead of the arrival internal date.
 date_from_headers = On
 allow_message_append = Off
 login_fault_delay = 1
 log_ajax_response_write_limit = 300
 allow_html_editor_biti_buttons = Off
 allow_ctrl_enter_on_compose = On
-try_to_detect_hidden_images = Off
-use_app_debug_js = Off
-use_app_debug_css = Off
 smtp_show_server_errors = Off
 sieve_auth_plain_initial = On
 sieve_allow_fileinto_inbox = Off
+
+; PHP mail() remove To and Subject headers
 mail_func_clear_headers = On
+
+; PHP mail() set -f emailaddress
 mail_func_additional_parameters = Off
 folders_spec_limit = 50
 curl_proxy = ""
 curl_proxy_auth = ""
-force_https = Off
 custom_login_link = ""
 custom_logout_link = ""
 http_client_ip_check_proxy = Off
@@ -297,7 +308,6 @@ use_local_proxy_for_external_images = On
 image_exif_auto_rotate = Off
 cookie_default_path = ""
 cookie_default_secure = Off
-check_new_messages = On
 replace_env_in_configuration = ""
 boundary_prefix = ""
 dev_email = ""
diff --git a/snappymail/v/0.0.0/app/libraries/RainLoop/Config/Application.php b/snappymail/v/0.0.0/app/libraries/RainLoop/Config/Application.php
index b8cfe4f81..53c301419 100644
--- a/snappymail/v/0.0.0/app/libraries/RainLoop/Config/Application.php
+++ b/snappymail/v/0.0.0/app/libraries/RainLoop/Config/Application.php
@@ -4,7 +4,7 @@ namespace RainLoop\Config; class Application extends \RainLoop\Config\AbstractConfig { - private $aReplaceEnv = null; + private ?array $aReplaceEnv = null; public function __construct() { @@ -23,19 +23,16 @@ class Application extends \RainLoop\Config\AbstractConfig (isset($_SERVER) && \is_array($_SERVER) && \count($_SERVER))) { $sEnvNames = $this->Get('labs', 'replace_env_in_configuration', ''); - if (\strlen($sEnvNames)) - { + if (\strlen($sEnvNames)) { $this->aReplaceEnv = \explode(',', $sEnvNames); - if (\is_array($this->aReplaceEnv)) - { + if (\is_array($this->aReplaceEnv)) { $this->aReplaceEnv = \array_map('trim', $this->aReplaceEnv); $this->aReplaceEnv = \array_map('strtolower', $this->aReplaceEnv); } } } - if (!\is_array($this->aReplaceEnv) || 0 === \count($this->aReplaceEnv)) - { + if (!\is_array($this->aReplaceEnv) || !\count($this->aReplaceEnv)) { $this->aReplaceEnv = null; } @@ -58,34 +55,23 @@ class Application extends \RainLoop\Config\AbstractConfig public function Get(string $sSection, string $sName, $mDefault = null) { $mResult = parent::Get($sSection, $sName, $mDefault); - if ($this->aReplaceEnv && \is_string($mResult)) - { + if ($this->aReplaceEnv && \is_string($mResult)) { $sKey = \strtolower($sSection.'.'.$sName); - if (\in_array($sKey, $this->aReplaceEnv) && false !== strpos($mResult, '$')) - { + if (\in_array($sKey, $this->aReplaceEnv) && false !== strpos($mResult, '$')) { $mResult = \preg_replace_callback('/\$([^\s]+)/', function($aMatch) { - - if (!empty($aMatch[0]) && !empty($aMatch[1])) - { - if (!empty($_ENV[$aMatch[1]])) - { + if (!empty($aMatch[0]) && !empty($aMatch[1])) { + if (!empty($_ENV[$aMatch[1]])) { + return $_ENV[$aMatch[1]]; + } + if (!empty($_SERVER[$aMatch[1]])) { return $_SERVER[$aMatch[1]]; } - - if (!empty($_SERVER[$aMatch[1]])) - { - return $_SERVER[$aMatch[1]]; - } - return $aMatch[0]; } - return ''; - }, $mResult); } } - return $mResult; } 
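Review bot: In the `Get()` hunk at `@@ -58,34 +55,23 @@`, the callback still falls back to `$_SERVER[$aMatch[1]]`, and `$_SERVER` also holds request-derived entries (`HTTP_*` headers, `QUERY_STRING`, `REQUEST_URI`), so a configuration value that names one of them would be filled from client input rather than from the environment. The pattern `/\$([^\s]+)/` also takes every non-space character after `$` as the name, so a value like `$HOME/data` is looked up as `HOME/data` and left unexpanded. Consider restricting the name with `/\$([A-Za-z_][A-Za-z0-9_]*)/`, skipping keys that start with `HTTP_`, and making the membership test strict with `\in_array($sKey, $this->aReplaceEnv, true)`. The `!empty()` tests additionally treat a variable whose value is `"0"` as unset.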
@@ -106,6 +92,13 @@ class Application extends \RainLoop\Config\AbstractConfig
 $sSectionKey = 'cache';
 $sParamKey = 'system_data';
 }
+ if ('force_https' === $sParamKey) {
+ $sSectionKey = 'security';
+ }
+ if ('check_new_messages' === $sParamKey) {
+ $sSectionKey = 'imap';
+ $sParamKey = 'fetch_new_messages';
+ }
 }
 parent::Set($sSectionKey, $sParamKey, $mParamValue);
 }
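Review bot: The two added remaps carry no comment saying why they exist, yet they appear to be the only thing keeping an existing `[labs] force_https = On` effective now that Service.php reads `security.force_https` with default `false`; if the remap is missed, the HTTPS redirect is silently switched off after an upgrade. I would add `// Moved out of [labs] in this release; remap so existing application.ini files keep their values` above the first `if`, and a test that loads an old-style ini and asserts `Get('security', 'force_https')` is true. The enclosing condition starts outside the hunk, so it is not visible here whether the remap is limited to keys coming from the `labs` section.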
@@ -187,24 +180,25 @@ class Application extends \RainLoop\Config\AbstractConfig ), 'security' => array( - 'custom_server_signature' => array('SnappyMail'), - 'x_xss_protection_header' => array('1; mode=block'), + 'custom_server_signature' => array('SnappyMail'), + 'x_xss_protection_header' => array('1; mode=block'), - 'openpgp' => array(false), + 'openpgp' => array(false), - 'allow_admin_panel' => array(true, 'Access settings'), - 'admin_login' => array('admin', 'Login and password for web admin panel'), - 'admin_password' => array(''), - 'admin_totp' => array(''), - 'admin_panel_host' => array(''), - 'admin_panel_key' => array('admin'), + 'allow_admin_panel' => array(true, 'Access settings'), + 'admin_login' => array('admin', 'Login and password for web admin panel'), + 'admin_password' => array(''), + 'admin_totp' => array(''), + 'admin_panel_host' => array(''), + 'admin_panel_key' => array('admin'), - 'hide_x_mailer_header' => array(true), - 'content_security_policy' => array('', 'For example to allow all images use "img-src https:". More info at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy#directives'), - 'csp_report' => array(false, 'Report CSP errors to PHP and/or SnappyMail Log'), - 'encrypt_cipher' => array('aes-256-cbc-hmac-sha1', 'A valid cipher method from https://php.net/openssl_get_cipher_methods'), - 'cookie_samesite' => array('Strict', 'Strict, Lax or None'), - 'secfetch_allow' => array('', 'Additional allowed Sec-Fetch combinations separated by ";". + 'force_https' => array(false), + 'hide_x_mailer_header' => array(true), + 'content_security_policy' => array('', 'For example to allow all images use "img-src https:". 
More info at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy#directives'), + 'csp_report' => array(false, 'Report CSP errors to PHP and/or SnappyMail Log'), + 'encrypt_cipher' => array('aes-256-cbc-hmac-sha1', 'A valid cipher method from https://php.net/openssl_get_cipher_methods'), + 'cookie_samesite' => array('Strict', 'Strict, Lax or None'), + 'secfetch_allow' => array('', 'Additional allowed Sec-Fetch combinations separated by ";". For example: * Allow iframe on same domain in any mode: dest=iframe,site=same-origin * Allow navigate to iframe on same domain: mode=navigate,dest=iframe,site=same-origin @@ -379,6 +373,7 @@ Enables caching in the system'), 'message_list_permanent_filter' => array(''), 'message_all_headers' => array(false), 'show_login_alert' => array(true), + 'fetch_new_messages' => array(true), ), 'labs' => array( @@ -391,12 +386,11 @@ Enables caching in the system'), 'smtp_show_server_errors' => array(false), 'sieve_auth_plain_initial' => array(true), 'sieve_allow_fileinto_inbox' => array(false), - 'mail_func_clear_headers' => array(true), - 'mail_func_additional_parameters' => array(false), + 'mail_func_clear_headers' => array(true, 'PHP mail() remove To and Subject headers'), + 'mail_func_additional_parameters' => array(false, 'PHP mail() set -f emailaddress'), 'folders_spec_limit' => array(50), 'curl_proxy' => array(''), 'curl_proxy_auth' => array(''), - 'force_https' => array(false), 'custom_login_link' => array(''), 'custom_logout_link' => array(''), 'http_client_ip_check_proxy' => array(false), @@ -408,7 +402,6 @@ Enables caching in the system'), 'image_exif_auto_rotate' => array(false), 'cookie_default_path' => array(''), 'cookie_default_secure' => array(false), - 'check_new_messages' => array(true), 'replace_env_in_configuration' => array(''), 'boundary_prefix' => array(''), 'dev_email' => array(''), 
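Review bot: In the hunk at `@@ -187,24 +180,25 @@`, `'force_https' => array(false)` is added to the `security` defaults without a description, while neighbouring entries such as `csp_report` and `cookie_samesite` carry one (these descriptions appear to be what ends up as comments in the generated ini). Suggest `'force_https' => array(false, 'Redirect plain-HTTP requests to HTTPS'),`. Related: `cookie_default_secure` stays in `labs` with default `false` (context of the `@@ -408,7 +402,6 @@` hunk); if `force_https` is meant as the HTTPS switch, it is worth confirming that session cookies get the `Secure` attribute when it is on, since the cookie code is not part of this diff.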
diff --git a/snappymail/v/0.0.0/app/libraries/RainLoop/Model/Account.php b/snappymail/v/0.0.0/app/libraries/RainLoop/Model/Account.php
index 0f02be7aa..7b2268be1 100644
--- a/snappymail/v/0.0.0/app/libraries/RainLoop/Model/Account.php
+++ b/snappymail/v/0.0.0/app/libraries/RainLoop/Model/Account.php
@@ -221,7 +221,7 @@ abstract class Account implements \JsonSerializable
 $oSettings->expunge_all_on_delete |= !!$oConfig->Get('imap', 'use_expunge_all_on_delete', false);
 $oSettings->fast_simple_search = !(!$oSettings->fast_simple_search || !$oConfig->Get('imap', 'message_list_fast_simple_search', true));
- $oSettings->fetch_new_messages = !(!$oSettings->fetch_new_messages || !$oConfig->Get('labs', 'check_new_messages', true));
+ $oSettings->fetch_new_messages = !(!$oSettings->fetch_new_messages || !$oConfig->Get('imap', 'fetch_new_messages', true));
 $oSettings->force_select |= !!$oConfig->Get('imap', 'use_force_selection', false);
 $oSettings->message_all_headers |= !!$oConfig->Get('imap', 'message_all_headers', false);
 $oSettings->search_filter = $oSettings->search_filter ?: \trim($oConfig->Get('imap', 'message_list_permanent_filter', ''));
diff --git a/snappymail/v/0.0.0/app/libraries/RainLoop/Service.php b/snappymail/v/0.0.0/app/libraries/RainLoop/Service.php
index 1abc3d7dd..f7c5ecf7e 100644
--- a/snappymail/v/0.0.0/app/libraries/RainLoop/Service.php
+++ b/snappymail/v/0.0.0/app/libraries/RainLoop/Service.php
@@ -38,7 +38,7 @@ abstract class Service
 \header('X-XSS-Protection: '.$sXssProtectionOptionsHeader);
 $oHttp = \MailSo\Base\Http::SingletonInstance();
- if ($oConfig->Get('labs', 'force_https', false) && !$oHttp->IsSecure()) {
+ if ($oConfig->Get('security', 'force_https', false) && !$oHttp->IsSecure()) {
 \header('Location: https://'.$oHttp->GetHost(false, false).$oHttp->GetUrl());
 exit;
 }
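Review bot: In the Service.php hunk (`@@ -38,7 +38,7 @@`), the redirect on the line after the changed condition builds its target from `$oHttp->GetHost(false, false)` and `$oHttp->GetUrl()`; if `GetHost` reflects the request's `Host` header (its implementation is not in this diff), the `Location` value is client-influenced. Now that `force_https` is a `[security]` setting, consider checking the host against a configured name before redirecting, and pass an explicit status such as `308` as the third argument to `\header()` instead of relying on the default. A `Strict-Transport-Security` header on the HTTPS responses would keep returning browsers from making the plain-HTTP request in the first place. The enclosing method starts and ends outside the hunk.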