Fix 'Location:' headers using proper '302 Found' header

2026-06-28 06:46:27 +00:00 · 2023-03-14 09:58:30 +01:00
parent 6fde436865
commit 3464e296c3
7 changed files with 25 additions and 16 deletions
--- a/plugins/login-external/index.php
+++ b/plugins/login-external/index.php
@@ -6,9 +6,9 @@ class LoginExternalPlugin extends \RainLoop\Plugins\AbstractPlugin
 		NAME     = 'Login External',
 		AUTHOR   = 'SnappyMail',
 		URL      = 'https://snappymail.eu/',
-		VERSION  = '1.1',
-		RELEASE  = '2022-12-24',
-		REQUIRED = '2.21.0',
+		VERSION  = '1.2',
+		RELEASE  = '2023-03-14',
+		REQUIRED = '2.27.0',
 		CATEGORY = 'Login',
 		LICENSE  = 'MIT',
 		DESCRIPTION = 'Login with $_POST["Email"] and $_POST["Password"] from anywhere';
@@ -60,7 +60,7 @@ class LoginExternalPlugin extends \RainLoop\Plugins\AbstractPlugin
 			}
 			echo \json_encode($aResult);
 		} else {
-			$oActions->Location('./');
+			\MailSo\Base\Http::Location('./');
 		}
 		return true;
 	}
--- a/plugins/login-remote/index.php
+++ b/plugins/login-remote/index.php
@@ -6,9 +6,9 @@ class LoginRemotePlugin extends \RainLoop\Plugins\AbstractPlugin
 		NAME     = 'Login Remote',
 		AUTHOR   = 'SnappyMail',
 		URL      = 'https://snappymail.eu/',
-		VERSION  = '1.2',
-		RELEASE  = '2022-11-24',
-		REQUIRED = '2.21.0',
+		VERSION  = '1.3',
+		RELEASE  = '2023-03-14',
+		REQUIRED = '2.27.0',
 		CATEGORY = 'Login',
 		LICENSE  = 'MIT',
 		DESCRIPTION = 'Tries to login using the $_ENV["REMOTE_*"] variables';
@@ -55,7 +55,7 @@ class LoginRemotePlugin extends \RainLoop\Plugins\AbstractPlugin
 			}
 		}

-		$oActions->Location('./');
+		\MailSo\Base\Http::Location('./');
 		return true;
 	}

--- a/snappymail/v/0.0.0/app/libraries/MailSo/Base/Http.php
+++ b/snappymail/v/0.0.0/app/libraries/MailSo/Base/Http.php
@@ -139,6 +139,7 @@ class Http

 	public static function checkETag(string $ETag) : void
 	{
+		// $ETag . APP_VERSION
 		$sIfNoneMatch = static::GetHeader('If-None-Match');
 		if ($sIfNoneMatch && false !== \strpos($sIfNoneMatch, $ETag)) {
 			static::StatusHeader(304);
@@ -153,6 +154,7 @@ class Http

 	public static function setETag(string $ETag) : void
 	{
+		// $ETag . APP_VERSION
 		static::checkETag($ETag);
 		\header("ETag: \"{$ETag}\"");
 	}
@@ -208,6 +210,7 @@ class Http
 				200 => 'OK',
 				206 => 'Partial Content',
 				301 => 'Moved Permanently',
+				302 => 'Found',
 				304 => 'Not Modified',
 				400 => 'Bad Request',
 				401 => 'Unauthorized',
@@ -231,6 +234,12 @@ class Http
 		}
 	}

+	public static function Location(string $sUrl, int $iStatus = 302): void
+	{
+		static::StatusHeader($iStatus);
+		\header('Location: ' . $sUrl);
+	}
+
 	public function GetPath() : string
 	{
 		$sUrl = \ltrim(\substr(static::GetServer('SCRIPT_NAME', ''), 0, \strrpos(static::GetServer('SCRIPT_NAME', ''), '/')), '/');
--- a/snappymail/v/0.0.0/app/libraries/MailSo/Imap/Traits/Status.php
+++ b/snappymail/v/0.0.0/app/libraries/MailSo/Imap/Traits/Status.php
@@ -92,7 +92,7 @@ trait Status
 	{
 		if (!$this->hasStatus) {
 			// UNSEEN undefined when only SELECT/EXAMINE is used
-			\error_log("STATUS missing " . \print_r($this,true));
+			\error_log("{$this->FullName} STATUS missing " . \print_r(\debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS),true));
 			return;
 		}
 		if (!isset($this->MESSAGES, $this->UIDNEXT)) {
--- a/snappymail/v/0.0.0/app/libraries/RainLoop/Actions.php
+++ b/snappymail/v/0.0.0/app/libraries/RainLoop/Actions.php
@@ -1126,10 +1126,10 @@ class Actions
 		return isset($this->aCurrentActionParams[$sKey]);
 	}

-	public function Location(string $sUrl): void
+	public function Location(string $sUrl, int $iStatus = 302): void
 	{
-		$this->oLogger->Write('Location: ' . $sUrl);
-		\header('Location: ' . $sUrl);
+		$this->oLogger->Write("{$iStatus} Location: {$sUrl}");
+		\MailSo\Base\Http::Location($sUrl, $iStatus);
 	}

 }
--- a/snappymail/v/0.0.0/app/libraries/RainLoop/Service.php
+++ b/snappymail/v/0.0.0/app/libraries/RainLoop/Service.php
@@ -39,7 +39,7 @@ abstract class Service

 		$oHttp = \MailSo\Base\Http::SingletonInstance();
 		if ($oConfig->Get('security', 'force_https', false) && !$oHttp->IsSecure()) {
-			\header('Location: https://'.$oHttp->GetHost(false).$oHttp->GetUrl());
+			\MailSo\Base\Http::Location('https://'.$oHttp->GetHost(false).$oHttp->GetUrl());
 			return true;
 		}

@@ -139,7 +139,7 @@ abstract class Service
 			if (!$bAdmin) {
 				$login = $oConfig->Get('labs', 'custom_login_link', '');
 				if ($login && !$oActions->getAccountFromToken(false)) {
-					\header("Location: {$login}");
+					\MailSo\Base\Http::Location($login);
 					return true;
 				}
 			}
--- a/snappymail/v/0.0.0/app/libraries/RainLoop/ServiceActions.php
+++ b/snappymail/v/0.0.0/app/libraries/RainLoop/ServiceActions.php
@@ -515,7 +515,7 @@ class ServiceActions
 				))
 			);
 		}
-		$this->oActions->Location('./');
+		\MailSo\Base\Http::Location('./');
 		return '';
 	}

@@ -595,7 +595,7 @@ class ServiceActions
 			}
 		}

-		$this->oActions->Location('./');
+		\MailSo\Base\Http::Location('./');
 		return '';
 	}