From f0658424024fb48b34c3867b6d763273888a2fa1 Mon Sep 17 00:00:00 2001 From: Phoenix Eve Aspacio Date: Wed, 11 Dec 2024 10:03:47 +0800 Subject: [PATCH 1/2] Updated to $_REQUEST. tested from my end. --- data/web/inc/ajax/sieve_validation.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/data/web/inc/ajax/sieve_validation.php b/data/web/inc/ajax/sieve_validation.php index eb421b4a48..99be1f0c06 100644 --- a/data/web/inc/ajax/sieve_validation.php +++ b/data/web/inc/ajax/sieve_validation.php @@ -4,14 +4,14 @@ if (!isset($_SESSION['mailcow_cc_role'])) { exit(); } -if (isset($_GET['script'])) { +if (isset($_REQUEST['script'])) { $sieve = new Sieve\SieveParser(); try { - if (empty($_GET['script'])) { + if (empty($_REQUEST['script'])) { echo json_encode(array('type' => 'danger', 'msg' => $lang['danger']['script_empty'])); exit(); } - $sieve->parse($_GET['script']); + $sieve->parse($_REQUEST['script']); } catch (Exception $e) { echo json_encode(array('type' => 'danger', 'msg' => $e->getMessage())); From d09e4ff0209515cca58e1c502da648b5b86287da Mon Sep 17 00:00:00 2001 From: Phoenix Eve Aspacio Date: Wed, 11 Dec 2024 10:06:10 +0800 Subject: [PATCH 2/2] Convert AJAX to POST request This AJAX request sends form data in $_GET request query. This is problematic and unreliable when validating superrrr loooooong conditions, especially in environments that use reverse-proxy. Been having this problem and this PR solves it. :) --- data/web/js/site/mailbox.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/data/web/js/site/mailbox.js b/data/web/js/site/mailbox.js index af2862a37e..018233673a 100644 --- a/data/web/js/site/mailbox.js +++ b/data/web/js/site/mailbox.js @@ -179,9 +179,8 @@ $(document).ready(function() { // Get script_data textarea content from form the button was clicked in var script = $('textarea[name="script_data"]', $(this).parents('form:first')).val(); $.ajax({ - dataType: 'json', url: "/inc/ajax/sieve_validation.php", - type: "get", + type: "post", data: { script: script }, complete: function(data) { var response = (data.responseText);