public function sanitizeHtmlMailBody($mailBody, array $messageParameters, Closure $mapCidToAttachmentId) { $config = HTMLPurifier_Config::createDefault(); // Append target="_blank" to all link (a) elements $config->set('HTML.TargetBlank', true); // allow cid, http and ftp $config->set('URI.AllowedSchemes', ['cid' => true, 'http' => true, 'https' => true, 'ftp' => true, 'mailto' => true]); $config->set('URI.Host', Util::getServerHostName()); // Disable the cache since ownCloud has no really appcache // TODO: Fix this - requires https://github.com/owncloud/core/issues/10767 to be fixed $config->set('Cache.DefinitionImpl', null); // Rewrite URL for redirection and proxying of content $html = $config->getDefinition('HTML'); $html->info_attr_transform_post['imagesrc'] = new TransformImageSrc($this->urlGenerator); $html->info_attr_transform_post['cssbackground'] = new TransformCSSBackground($this->urlGenerator); $html->info_attr_transform_post['htmllinks'] = new TransformHTMLLinks(); $uri = $config->getDefinition('URI'); $uri->addFilter(new TransformURLScheme($messageParameters, $mapCidToAttachmentId, $this->urlGenerator), $config); HTMLPurifier_URISchemeRegistry::instance()->register('cid', new CidURIScheme()); $purifier = new HTMLPurifier($config); $result = $purifier->purify($mailBody); // eat xml parse errors within HTMLPurifier libxml_clear_errors(); return $result; }
/** * Validates an assertion * @param String $assertion * @return String */ public static function Validate($assertion) { self::$_isPersona = true; $data = array('assertion' => $assertion, 'audience' => \OCP\Util::getServerProtocol() . '://' . \OCP\Util::getServerHostName()); $response = self::_query($data); return self::_parseResponse($response); }
/** * @NoAdminRequired * @NoCSRFRequired * * @throws \Exception If the URL is not valid. * @return TemplateResponse */ public function redirect() { $templateName = 'redirect'; $route = 'mail.page.index'; $mailURL = $this->urlGenerator->linkToRoute($route); $url = $this->request->getParam('src'); $authorizedRedirect = false; if (strpos($url, 'http://') !== 0 && strpos($url, 'https://') !== 0) { throw new \Exception('URL is not valid.', 1); } // If the request has a referrer from this domain redirect the user without interaction // this is there to prevent an open redirector. // Since we can't prevent the referrer from being added with a HTTP only header we rely on an // additional JS file here. if (parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) === Util::getServerHostName()) { Util::addScript('mail', 'autoredirect'); $authorizedRedirect = true; } $params = ['authorizedRedirect' => $authorizedRedirect, 'url' => $url, 'urlHost' => parse_url($url, PHP_URL_HOST), 'mailURL' => $mailURL]; return new TemplateResponse($this->appName, $templateName, $params, 'guest'); }
/** * @param array $attr * @param HTMLPurifier_Config $config * @param HTMLPurifier_Context $context * @return array */ public function transform($attr, $config, $context) { if ($context->get('CurrentToken')->name !== 'img' || !isset($attr['src'])) { return $attr; } // Block tracking pixels if (isset($attr['width']) && isset($attr['height']) && (int) $attr['width'] < 5 && (int) $attr['height'] < 5) { // Replace with a transparent png in case it's important for the layout $attr['src'] = Util::imagePath('mail', 'blocked-image.png'); $attr = $this->setDisplayNone($attr); return $attr; } // Do not block images attached to the email $url = $this->parser->parse($attr['src']); if ($url->host === Util::getServerHostName() && $url->path === $this->urlGenerator->linkToRoute('mail.proxy.proxy')) { $attr['data-original-src'] = $attr['src']; $attr['src'] = Util::imagePath('mail', 'blocked-image.png'); $attr = $this->setDisplayNone($attr); } return $attr; }
public function __construct(array $urlParams = array()) { parent::__construct('mail', $urlParams); $container = $this->getContainer(); /** * Controllers */ $container->registerService('PageController', function ($c) { /** @var IAppContainer $c */ return new PageController($c->query('AppName'), $c->query('Request'), $c->query('MailAccountMapper'), $c->query('ServerContainer')->getURLGenerator(), $c->query('UserId')); }); $container->registerService('AccountService', function ($c) { /** @var IAppContainer $c */ return new AccountService($c->query('MailAccountMapper'), $c->getServer()->getL10N('mail')); }); $container->registerService('AccountsController', function ($c) { /** @var IAppContainer $c */ return new AccountsController($c->query('AppName'), $c->query('Request'), $c->query('AccountService'), $c->query('UserId'), $c->getServer()->getUserFolder(), $c->query('ContactsIntegration'), $c->query('AutoConfig'), $c->query('Logger'), $c->getServer()->getL10N('mail'), $c->getServer()->getCrypto()); }); $container->registerService('FoldersController', function ($c) { /** @var IAppContainer $c */ return new FoldersController($c->query('AppName'), $c->query('Request'), $c->query('AccountService'), $c->query('UserId')); }); $container->registerService('MessagesController', function ($c) { /** @var IAppContainer $c */ return new MessagesController($c->query('AppName'), $c->query('Request'), $c->query('AccountService'), $c->query('UserId'), $c->getServer()->getUserFolder(), $c->query('ContactsIntegration'), $c->query('Logger'), $c->getServer()->getL10N('mail')); }); $container->registerService('ProxyController', function ($c) { /** @var IAppContainer $c */ return new ProxyController($c->query('AppName'), $c->query('Request'), $c->query('ServerContainer')->getURLGenerator(), $c->query('ServerContainer')->getSession(), $c->getServer()->getHelper(), isset($_SERVER['HTTP_REFERER']) ?: null, \OCP\Util::getServerHostName()); }); /** * Mappers */ $container->registerService('MailAccountMapper', function ($c) { /** @var IAppContainer $c */ return new MailAccountMapper($c->getServer()->getDb()); }); /** * Services */ $container->registerService('ContactsIntegration', function ($c) { /** @var IAppContainer $c */ return new ContactsIntegration($c->getServer()->getContactsManager()); }); $container->registerService('ImapConnectivityTester', function ($c) { /** @var IAppContainer $c */ return new ImapConnectivityTester($c->query('ImapConnector'), $c->query('Logger'), $c->query('UserId')); }); $container->registerService('ImapConnector', function ($c) { /** @var IAppContainer $c */ return new ImapConnector($c->getServer()->getCrypto(), $c->query('Logger'), $c->query('UserId')); }); $container->registerService('ImapServerDetector', function ($c) { /** @var IAppContainer $c */ return new ImapServerDetector($c->query('MxRecord'), $c->query('ImapConnectivityTester')); }); $container->registerService('SmtpConnectivityTester', function ($c) { /** @var IAppContainer $c */ return new SmtpConnectivityTester($c->getServer()->getCrypto(), $c->query('Logger'), $c->query('UserId')); }); $container->registerService('SmtpServerDetector', function ($c) { $transport = $c->getServer()->getConfig()->getSystemValue('app.mail.transport', 'smtp'); /** @var IAppContainer $c */ return new SmtpServerDetector($c->query('MxRecord'), $c->query('SmtpConnectivityTester'), $transport === 'smtp'); }); $container->registerService('MozillaIspDb', function ($c) { /** @var IAppContainer $c */ return new MozillaIspDb($c->query('Logger')); }); $container->registerService('MxRecord', function ($c) { /** @var IAppContainer $c */ return new MxRecord($c->query('Logger')); }); $container->registerService('AutoConfig', function ($c) { /** @var IAppContainer $c */ return new AutoConfig($c->query('Logger'), $c->query('UserId'), $c->query('MozillaIspDb'), $c->query('MxRecord'), $c->query('ImapConnectivityTester'), $c->query('ImapServerDetector'), $c->query('SmtpConnectivityTester'), $c->query('SmtpServerDetector'), $c->query('ImapConnector'), $c->getServer()->getCrypto()); }); $container->registerService('Logger', function ($c) { /** @var IAppContainer $c */ return new Logger($c->query('AppName'), $c->query('ServerContainer')->getLogger()); }); /** * Core */ $container->registerService('UserId', function () { return \OCP\User::getUser(); }); }
public static function generateUID($app = 'contacts') { $uuid = new UUID(); return $uuid->get() . '@' . \OCP\Util::getServerHostName(); }
/** * @return string */ public static function generateUID() { $uuid = UUIDUtil::getUUID(); return $uuid . '@' . \OCP\Util::getServerHostName(); }
public static function generateUID($app = 'contacts') { return date('Ymd\\THis') . '.' . substr(md5(rand() . time()), 0, 10) . '@' . \OCP\Util::getServerHostName(); }