mirror of
https://github.com/the-djmaze/snappymail.git
synced 2026-07-09 14:38:27 +03:00
Allow setting cookie SameSite #537
This commit is contained in:
parent
fff3e5c9ce
commit
69ae65b4bb
5 changed files with 36 additions and 29 deletions
|
|
@ -666,7 +666,7 @@ class ActionsAdmin extends Actions
|
|||
|
||||
private function setAdminAuthToken(string $sToken) : void
|
||||
{
|
||||
Utils::SetCookie(static::$AUTH_ADMIN_TOKEN_KEY, $sToken, 0);
|
||||
Utils::SetCookie(static::$AUTH_ADMIN_TOKEN_KEY, $sToken);
|
||||
}
|
||||
|
||||
private function getAdminToken() : string
|
||||
|
|
|
|||
|
|
@ -80,7 +80,10 @@ abstract class Api
|
|||
$sSslCapath = static::Config()->Get('ssl', 'capath', '');
|
||||
|
||||
Utils::$CookieDefaultPath = static::Config()->Get('labs', 'cookie_default_path', '');
|
||||
Utils::$CookieDefaultSecure = !!static::Config()->Get('labs', 'cookie_default_secure', false);
|
||||
Utils::$CookieSameSite = static::Config()->Get('security', 'cookie_samesite', 'Strict');
|
||||
Utils::$CookieSecure = isset($_SERVER['HTTPS'])
|
||||
|| 'None' == Utils::$CookieSameSite
|
||||
|| !!static::Config()->Get('labs', 'cookie_default_secure', false);
|
||||
|
||||
if (!empty($sSslCafile) || !empty($sSslCapath))
|
||||
{
|
||||
|
|
|
|||
|
|
@ -181,7 +181,8 @@ class Application extends \RainLoop\Config\AbstractConfig
|
|||
'admin_panel_key' => array('admin'),
|
||||
'content_security_policy' => array(''),
|
||||
'csp_report' => array(false),
|
||||
'encrypt_cipher' => array($sCipher)
|
||||
'encrypt_cipher' => array($sCipher),
|
||||
'cookie_samesite' => array('Strict', 'Strict, Lax or None')
|
||||
),
|
||||
|
||||
'admin_panel' => array(
|
||||
|
|
|
|||
|
|
@ -634,12 +634,14 @@ class ServiceActions
|
|||
$this->oHttp->ServerNoCache();
|
||||
$sTo = \trim($_GET['to'] ?? '');
|
||||
if (!empty($sTo) && \preg_match('/^mailto:/i', $sTo)) {
|
||||
Utils::SetCookie(Actions::AUTH_MAILTO_TOKEN_KEY,
|
||||
Utils::SetCookie(
|
||||
Actions::AUTH_MAILTO_TOKEN_KEY,
|
||||
Utils::EncodeKeyValuesQ(array(
|
||||
'Time' => \microtime(true),
|
||||
'MailTo' => 'MailTo',
|
||||
'To' => $sTo
|
||||
)), 0);
|
||||
))
|
||||
);
|
||||
}
|
||||
$this->oActions->Location('./');
|
||||
return '';
|
||||
|
|
|
|||
|
|
@ -4,15 +4,11 @@ namespace RainLoop;
|
|||
|
||||
class Utils
|
||||
{
|
||||
/**
|
||||
* @var string
|
||||
*/
|
||||
static $CookieDefaultPath = '';
|
||||
|
||||
/**
|
||||
* @var bool|null
|
||||
*/
|
||||
static $CookieDefaultSecure = null;
|
||||
static $CookieSecure = null;
|
||||
|
||||
static $CookieSameSite = 'Strict';
|
||||
|
||||
const
|
||||
/**
|
||||
|
|
@ -119,7 +115,26 @@ class Utils
|
|||
: null;
|
||||
}
|
||||
|
||||
public static function SetCookie(string $sName, string $sValue = '', int $iExpire = 0, bool $bHttpOnly = true)
|
||||
private static function _SetCookie(string $sName, string $sValue, int $iExpire)
|
||||
{
|
||||
$sPath = static::$CookieDefaultPath;
|
||||
$sPath = $sPath && \strlen($sPath) ? $sPath : '/';
|
||||
/*
|
||||
if (\strlen($sValue) > 4000 - \strlen($sPath . $sName)) {
|
||||
throw new \Exception("Cookie '{$sName}' value too long");
|
||||
}
|
||||
*/
|
||||
\setcookie($sName, $sValue, array(
|
||||
'expires' => $iExpire,
|
||||
'path' => $sPath,
|
||||
// 'domain' => null,
|
||||
'secure' => static::$CookieSecure,
|
||||
'httponly' => true,
|
||||
'samesite' => static::$CookieSameSite
|
||||
));
|
||||
}
|
||||
|
||||
public static function SetCookie(string $sName, string $sValue = '', int $iExpire = 0)
|
||||
{
|
||||
$sPath = static::$CookieDefaultPath;
|
||||
$sPath = $sPath && \strlen($sPath) ? $sPath : '/';
|
||||
|
|
@ -133,14 +148,7 @@ class Utils
|
|||
}
|
||||
*/
|
||||
foreach (\str_split($sValue, $iMaxSize) as $i => $sPart) {
|
||||
\setcookie($i ? "{$sName}~{$i}" : $sName, $sPart, array(
|
||||
'expires' => $iExpire,
|
||||
'path' => $sPath,
|
||||
// 'domain' => $sDomain,
|
||||
'secure' => isset($_SERVER['HTTPS']) || static::$CookieDefaultSecure,
|
||||
'httponly' => $bHttpOnly,
|
||||
'samesite' => 'Strict'
|
||||
));
|
||||
static::_SetCookie($i ? "{$sName}~{$i}" : $sName, $sPart, $iExpire);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -151,14 +159,7 @@ class Utils
|
|||
foreach (\array_keys($_COOKIE) as $sCookieName) {
|
||||
if (\strtok($sCookieName, '~') === $sName) {
|
||||
unset($_COOKIE[$sCookieName]);
|
||||
\setcookie($sCookieName, '', array(
|
||||
'expires' => \time() - 3600 * 24 * 30,
|
||||
'path' => $sPath && \strlen($sPath) ? $sPath : '/',
|
||||
// 'domain' => null,
|
||||
'secure' => isset($_SERVER['HTTPS']) || static::$CookieDefaultSecure,
|
||||
'httponly' => true,
|
||||
'samesite' => 'Strict'
|
||||
));
|
||||
static::_SetCookie($sCookieName, '', \time() - 3600 * 24 * 30);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue