the-djmaze/snappymail
1
1
Fork 0
mirror of https://github.com/the-djmaze/snappymail.git synced 2025-09-16 01:54:20 +08:00
Code Issues Projects Releases Packages Wiki Activity

Resolve #713

Browse source
This commit is contained in:
the-djmaze 2022-11-28 10:39:28 +01:00
parent b89d194863
commit 4085f58b4e
2 changed files with 19 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
dev/boot.js
View file

@ -31,6 +31,19 @@ const
navigator.cookieEnabled || redirect('NoCookie');
[].flat || redirect('BadBrowser');
try {
let smctoken = localStorage.getItem('smctoken');
if (!smctoken) {
let data = new Uint8Array(16);
crypto.getRandomValues(data);
smctoken = btoa(String.fromCharCode(...data));
localStorage.setItem('smctoken', smctoken);
}
document.cookie = 'smctoken='+encodeURIComponent(smctoken)+"; path=/; samesite=strict";
} catch (e) {
console.error(e);
}
let RL_APP_DATA = {};
doc.documentElement.classList.toggle('rl-mobile', 'mobile' === layout[2] || (!layout && 1000 > innerWidth));

10
snappymail/v/0.0.0/app/libraries/snappymail/crypt.php
View file

@ -45,10 +45,12 @@ abstract class Crypt
*/
private static function Passphrase(?string $key) : string
{
return \sha1(
($key ?: \preg_replace('/[^a-z]+/i', '', \explode(')', $_SERVER['HTTP_USER_AGENT'])[0])) . APP_SALT,
true
);
if (!$key) {
$key = isset($_COOKIE['smctoken'])
? $_COOKIE['smctoken']
: \preg_replace('/[^a-z]+/i', '', \explode(')', $_SERVER['HTTP_USER_AGENT'])[0]);
}
return \sha1($key . APP_SALT, true);
}
public static function Decrypt(array $data, string $key = null) /* : mixed */