mirror of
https://github.com/the-djmaze/snappymail.git
synced 2026-07-13 03:27:39 +03:00
Allow setting cookie SameSite #537
This commit is contained in:
parent
fff3e5c9ce
commit
69ae65b4bb
5 changed files with 36 additions and 29 deletions
|
|
@ -666,7 +666,7 @@ class ActionsAdmin extends Actions
|
||||||
|
|
||||||
private function setAdminAuthToken(string $sToken) : void
|
private function setAdminAuthToken(string $sToken) : void
|
||||||
{
|
{
|
||||||
Utils::SetCookie(static::$AUTH_ADMIN_TOKEN_KEY, $sToken, 0);
|
Utils::SetCookie(static::$AUTH_ADMIN_TOKEN_KEY, $sToken);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function getAdminToken() : string
|
private function getAdminToken() : string
|
||||||
|
|
|
||||||
|
|
@ -80,7 +80,10 @@ abstract class Api
|
||||||
$sSslCapath = static::Config()->Get('ssl', 'capath', '');
|
$sSslCapath = static::Config()->Get('ssl', 'capath', '');
|
||||||
|
|
||||||
Utils::$CookieDefaultPath = static::Config()->Get('labs', 'cookie_default_path', '');
|
Utils::$CookieDefaultPath = static::Config()->Get('labs', 'cookie_default_path', '');
|
||||||
Utils::$CookieDefaultSecure = !!static::Config()->Get('labs', 'cookie_default_secure', false);
|
Utils::$CookieSameSite = static::Config()->Get('security', 'cookie_samesite', 'Strict');
|
||||||
|
Utils::$CookieSecure = isset($_SERVER['HTTPS'])
|
||||||
|
|| 'None' == Utils::$CookieSameSite
|
||||||
|
|| !!static::Config()->Get('labs', 'cookie_default_secure', false);
|
||||||
|
|
||||||
if (!empty($sSslCafile) || !empty($sSslCapath))
|
if (!empty($sSslCafile) || !empty($sSslCapath))
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -181,7 +181,8 @@ class Application extends \RainLoop\Config\AbstractConfig
|
||||||
'admin_panel_key' => array('admin'),
|
'admin_panel_key' => array('admin'),
|
||||||
'content_security_policy' => array(''),
|
'content_security_policy' => array(''),
|
||||||
'csp_report' => array(false),
|
'csp_report' => array(false),
|
||||||
'encrypt_cipher' => array($sCipher)
|
'encrypt_cipher' => array($sCipher),
|
||||||
|
'cookie_samesite' => array('Strict', 'Strict, Lax or None')
|
||||||
),
|
),
|
||||||
|
|
||||||
'admin_panel' => array(
|
'admin_panel' => array(
|
||||||
|
|
|
||||||
|
|
@ -634,12 +634,14 @@ class ServiceActions
|
||||||
$this->oHttp->ServerNoCache();
|
$this->oHttp->ServerNoCache();
|
||||||
$sTo = \trim($_GET['to'] ?? '');
|
$sTo = \trim($_GET['to'] ?? '');
|
||||||
if (!empty($sTo) && \preg_match('/^mailto:/i', $sTo)) {
|
if (!empty($sTo) && \preg_match('/^mailto:/i', $sTo)) {
|
||||||
Utils::SetCookie(Actions::AUTH_MAILTO_TOKEN_KEY,
|
Utils::SetCookie(
|
||||||
|
Actions::AUTH_MAILTO_TOKEN_KEY,
|
||||||
Utils::EncodeKeyValuesQ(array(
|
Utils::EncodeKeyValuesQ(array(
|
||||||
'Time' => \microtime(true),
|
'Time' => \microtime(true),
|
||||||
'MailTo' => 'MailTo',
|
'MailTo' => 'MailTo',
|
||||||
'To' => $sTo
|
'To' => $sTo
|
||||||
)), 0);
|
))
|
||||||
|
);
|
||||||
}
|
}
|
||||||
$this->oActions->Location('./');
|
$this->oActions->Location('./');
|
||||||
return '';
|
return '';
|
||||||
|
|
|
||||||
|
|
@ -4,15 +4,11 @@ namespace RainLoop;
|
||||||
|
|
||||||
class Utils
|
class Utils
|
||||||
{
|
{
|
||||||
/**
|
|
||||||
* @var string
|
|
||||||
*/
|
|
||||||
static $CookieDefaultPath = '';
|
static $CookieDefaultPath = '';
|
||||||
|
|
||||||
/**
|
static $CookieSecure = null;
|
||||||
* @var bool|null
|
|
||||||
*/
|
static $CookieSameSite = 'Strict';
|
||||||
static $CookieDefaultSecure = null;
|
|
||||||
|
|
||||||
const
|
const
|
||||||
/**
|
/**
|
||||||
|
|
@ -119,7 +115,26 @@ class Utils
|
||||||
: null;
|
: null;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function SetCookie(string $sName, string $sValue = '', int $iExpire = 0, bool $bHttpOnly = true)
|
private static function _SetCookie(string $sName, string $sValue, int $iExpire)
|
||||||
|
{
|
||||||
|
$sPath = static::$CookieDefaultPath;
|
||||||
|
$sPath = $sPath && \strlen($sPath) ? $sPath : '/';
|
||||||
|
/*
|
||||||
|
if (\strlen($sValue) > 4000 - \strlen($sPath . $sName)) {
|
||||||
|
throw new \Exception("Cookie '{$sName}' value too long");
|
||||||
|
}
|
||||||
|
*/
|
||||||
|
\setcookie($sName, $sValue, array(
|
||||||
|
'expires' => $iExpire,
|
||||||
|
'path' => $sPath,
|
||||||
|
// 'domain' => null,
|
||||||
|
'secure' => static::$CookieSecure,
|
||||||
|
'httponly' => true,
|
||||||
|
'samesite' => static::$CookieSameSite
|
||||||
|
));
|
||||||
|
}
|
||||||
|
|
||||||
|
public static function SetCookie(string $sName, string $sValue = '', int $iExpire = 0)
|
||||||
{
|
{
|
||||||
$sPath = static::$CookieDefaultPath;
|
$sPath = static::$CookieDefaultPath;
|
||||||
$sPath = $sPath && \strlen($sPath) ? $sPath : '/';
|
$sPath = $sPath && \strlen($sPath) ? $sPath : '/';
|
||||||
|
|
@ -133,14 +148,7 @@ class Utils
|
||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
foreach (\str_split($sValue, $iMaxSize) as $i => $sPart) {
|
foreach (\str_split($sValue, $iMaxSize) as $i => $sPart) {
|
||||||
\setcookie($i ? "{$sName}~{$i}" : $sName, $sPart, array(
|
static::_SetCookie($i ? "{$sName}~{$i}" : $sName, $sPart, $iExpire);
|
||||||
'expires' => $iExpire,
|
|
||||||
'path' => $sPath,
|
|
||||||
// 'domain' => $sDomain,
|
|
||||||
'secure' => isset($_SERVER['HTTPS']) || static::$CookieDefaultSecure,
|
|
||||||
'httponly' => $bHttpOnly,
|
|
||||||
'samesite' => 'Strict'
|
|
||||||
));
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -151,14 +159,7 @@ class Utils
|
||||||
foreach (\array_keys($_COOKIE) as $sCookieName) {
|
foreach (\array_keys($_COOKIE) as $sCookieName) {
|
||||||
if (\strtok($sCookieName, '~') === $sName) {
|
if (\strtok($sCookieName, '~') === $sName) {
|
||||||
unset($_COOKIE[$sCookieName]);
|
unset($_COOKIE[$sCookieName]);
|
||||||
\setcookie($sCookieName, '', array(
|
static::_SetCookie($sCookieName, '', \time() - 3600 * 24 * 30);
|
||||||
'expires' => \time() - 3600 * 24 * 30,
|
|
||||||
'path' => $sPath && \strlen($sPath) ? $sPath : '/',
|
|
||||||
// 'domain' => null,
|
|
||||||
'secure' => isset($_SERVER['HTTPS']) || static::$CookieDefaultSecure,
|
|
||||||
'httponly' => true,
|
|
||||||
'samesite' => 'Strict'
|
|
||||||
));
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue