Files
mxautologin/exec/lib/Http.php
T
2026-06-30 19:34:01 +02:00

94 lines
3.4 KiB
PHP

<?php
declare(strict_types=1);
final class Http
{
public static function bootstrapGlobals(): void
{
if (PHP_SAPI !== 'cli') {
return;
}
$_SERVER['REQUEST_METHOD'] = strtoupper((string)(getenv('REQUEST_METHOD') ?: 'GET'));
foreach ([
'USER',
'USERNAME',
'SESSION_ID',
'REQUEST_URI',
'HTTP_HOST',
'SERVER_NAME',
'SERVER_PORT',
'REMOTE_ADDR',
'HTTP_X_FORWARDED_FOR',
'HTTP_X_FORWARDED_PROTO',
] as $key) {
if (!isset($_SERVER[$key])) {
$value = getenv($key);
if ($value !== false) {
$_SERVER[$key] = $value;
}
}
}
}
public static function method(): string
{
return strtoupper((string)($_SERVER['REQUEST_METHOD'] ?? 'GET'));
}
public static function redirectNoStore(string $url): void
{
header('Cache-Control: no-store, private');
header('Pragma: no-cache');
header('Referrer-Policy: no-referrer');
header('X-Content-Type-Options: nosniff');
header('Location: ' . $url, true, 302);
exit;
}
public static function browserRedirectNoStore(string $url): void
{
header('Content-Type: text/html; charset=UTF-8');
header('Cache-Control: no-store, private');
header('Pragma: no-cache');
header('Referrer-Policy: no-referrer');
header('X-Content-Type-Options: nosniff');
header("Content-Security-Policy: default-src 'none'; script-src 'unsafe-inline'; style-src 'unsafe-inline'; base-uri 'none'; form-action 'none'");
echo self::redirectPageHtml($url);
exit;
}
public static function redirectPageHtml(string $url): string
{
$safeUrl = htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$jsonUrl = json_encode($url, JSON_UNESCAPED_SLASHES | JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
if (!is_string($jsonUrl)) {
$jsonUrl = '"/"';
}
return '<!doctype html><html lang="pl"><head><meta charset="utf-8">'
. '<meta name="viewport" content="width=device-width, initial-scale=1">'
. '<meta http-equiv="refresh" content="0;url=' . $safeUrl . '">'
. '<title>Serwer poczty</title></head><body>'
. '<script>(function(){var target=' . $jsonUrl . ';'
. 'try{if(window.top){window.top.location.replace(target);return;}}catch(e){}'
. 'window.location.replace(target);}());</script>'
. '<p><a rel="noreferrer" href="' . $safeUrl . '">Otwórz panel poczty</a></p>'
. '</body></html>';
}
public static function errorPage(string $message, int $status): void
{
http_response_code($status);
header('Content-Type: text/html; charset=UTF-8');
header('Cache-Control: no-store, private');
header('Referrer-Policy: no-referrer');
$safe = htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
echo '<!doctype html><html lang="pl"><head><meta charset="utf-8">';
echo '<meta name="viewport" content="width=device-width, initial-scale=1">';
echo '<title>Serwer poczty</title></head><body>';
echo '<h1>Serwer poczty</h1><p>' . $safe . '</p>';
echo '</body></html>';
exit;
}
}