diff --git a/index.php b/index.php index 60b4cbd4b..fdd412e5a 100644 --- a/index.php +++ b/index.php @@ -33,6 +33,9 @@ require_once 'program/include/iniset.php'; // init application, start session, init output class, etc. $RCMAIL = rcmail::get_instance(); +// Make the whole PHP output non-cacheable (#1487797) +send_nocacheing_headers(); + // turn on output buffering ob_start(); @@ -177,7 +180,7 @@ if (empty($RCMAIL->user->ID)) { ) ); } - + if ($session_error || $_REQUEST['_err'] == 'session') $OUTPUT->show_message('sessionerror', 'error', null, true, -1); diff --git a/program/include/rcube_shared.inc b/program/include/rcube_shared.inc index 68f3fe44f..abaa8aa03 100644 --- a/program/include/rcube_shared.inc +++ b/program/include/rcube_shared.inc @@ -22,7 +22,7 @@ /** * Roundcube shared functions - * + * * @package Core */ @@ -69,50 +69,6 @@ function send_future_expire_header($offset=2600000) } -/** - * Check request for If-Modified-Since and send an according response. - * This will terminate the current script if headers match the given values - * - * @param int Modified date as unix timestamp - * @param string Etag value for caching - */ -function send_modified_header($mdate, $etag=null, $skip_check=false) -{ - if (headers_sent()) - return; - - $iscached = false; - $etag = $etag ? "\"$etag\"" : null; - - if (!$skip_check) - { - if ($_SERVER['HTTP_IF_MODIFIED_SINCE'] && strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) >= $mdate) - $iscached = true; - - if ($etag) - $iscached = ($_SERVER['HTTP_IF_NONE_MATCH'] == $etag); - } - - if ($iscached) - header("HTTP/1.x 304 Not Modified"); - else - header("Last-Modified: ".gmdate("D, d M Y H:i:s", $mdate)." GMT"); - - header("Cache-Control: private, must-revalidate, max-age=0"); - header("Expires: "); - header("Pragma: "); - - if ($etag) - header("Etag: $etag"); - - if ($iscached) - { - ob_end_clean(); - exit; - } -} - - /** * Similar function as in_array() but case-insensitive * @@ -126,7 +82,7 @@ function in_array_nocase($needle, $haystack) foreach ($haystack as $value) if ($needle===mb_strtolower($value)) return true; - + return false; } @@ -218,7 +174,7 @@ function make_absolute_url($path, $base_url) { $host_url = $base_url; $abs_path = $path; - + // check if path is an absolute URL if (preg_match('/^[fhtps]+:\/\//', $path)) return $path; @@ -325,7 +281,7 @@ function rc_request_header($name) } return $hdrs[$key]; - } +} /** @@ -344,7 +300,7 @@ function unslashify($str) { return preg_replace('/\/$/', '', $str); } - + /** * Delete all files within a folder @@ -374,7 +330,7 @@ function clear_directory($dir_path) * @return int Unix timestamp */ function get_offset_time($offset_str, $factor=1) - { +{ if (preg_match('/^([0-9]+)\s*([smhdw])/i', $offset_str, $regs)) { $amount = (int)$regs[1]; @@ -385,7 +341,7 @@ function get_offset_time($offset_str, $factor=1) $amount = (int)$offset_str; $unit = 's'; } - + $ts = mktime(); switch ($unit) { @@ -418,7 +374,7 @@ function get_offset_time($offset_str, $factor=1) function abbreviate_string($str, $maxlength, $place_holder='...', $ending=false) { $length = mb_strlen($str); - + if ($length > $maxlength) { if ($ending) @@ -433,6 +389,7 @@ function abbreviate_string($str, $maxlength, $place_holder='...', $ending=false) return $str; } + /** * A method to guess the mime_type of an attachment. * @@ -547,7 +504,7 @@ function rc_utf8_clean($input) $input[$idx] = rc_utf8_clean($val); return $input; } - + if (!is_string($input) || $input == '') return $input; @@ -569,7 +526,7 @@ function rc_utf8_clean($input) '|[\xF1-\xF3][\x80-\xBF][\x80-\xBF][\x80-\xBF]'.// UTF8-4 '|\xF4[\x80-\x8F][\x80-\xBF][\x80-\xBF]'. // UTF8-4 ')$/'; - + $seq = ''; $out = ''; @@ -640,7 +597,7 @@ function rcube_explode_quoted_string($delimiter, $string) $p = $i + 1; } } - + $result[] = substr($string, $p); return $result; } @@ -655,7 +612,7 @@ function rcube_explode_quoted_string($delimiter, $string) function array_keys_recursive($array) { $keys = array(); - + if (!empty($array)) foreach ($array as $key => $child) { $keys[] = $key; diff --git a/program/steps/addressbook/export.inc b/program/steps/addressbook/export.inc index a710aa204..8ba1c08b6 100644 --- a/program/steps/addressbook/export.inc +++ b/program/steps/addressbook/export.inc @@ -66,7 +66,6 @@ else { } // send downlaod headers -send_nocacheing_headers(); header('Content-Type: text/x-vcard; charset='.RCMAIL_CHARSET); header('Content-Disposition: attachment; filename="rcube_contacts.vcf"'); diff --git a/program/steps/mail/get.inc b/program/steps/mail/get.inc index 4eccd287e..d4dcd0a84 100644 --- a/program/steps/mail/get.inc +++ b/program/steps/mail/get.inc @@ -64,8 +64,6 @@ if (!empty($_GET['_uid'])) { $MESSAGE = new rcube_message(get_input_value('_uid', RCUBE_INPUT_GET)); } -send_nocacheing_headers(); - // show part page if (!empty($_GET['_frame'])) { $OUTPUT->send('messagepart'); diff --git a/program/steps/mail/show.inc b/program/steps/mail/show.inc index 0766583a4..97cac5822 100644 --- a/program/steps/mail/show.inc +++ b/program/steps/mail/show.inc @@ -30,8 +30,6 @@ if ($uid = get_input_value('_uid', RCUBE_INPUT_GET)) { rcmail_message_error($uid); } - send_nocacheing_headers(); - $mbox_name = $IMAP->get_mailbox_name(); // show images?