[ZendTo] Help with new installation of ZendTo

Jules Field Jules at Zend.To
Mon Sep 17 09:30:57 BST 2018 

David,

Sadly you hit a very short-lived bug in the Installer.
After a couple of people reported it, I fixed it but you must have 
downloaded the broken one.
Sorry about that!

The fix is to replace the lines

   <IfModule mod_headers.c>
     Header edit Set-Cookie ^(.*)$ ;SameSite=Strict
   </IfModule>

with

   <IfModule mod_headers.c>
     Header edit Set-Cookie ^(.*)$ *$1*;SameSite=Strict
   </IfModule>

The extra bit is the "$1" I've put in bold above.

Cheers,
Jules.

On 15/09/2018 14:08, David Jones via ZendTo wrote:
> On 09/14/2018 04:06 PM, David Jones wrote:
>> CentOS 7 with SELinux disabled and yum updated.
>> ZendTo installed with the official installer script 
>> from https://zend.to/downloads.php
>> SQLbackend is the default  -- define('SqlBackend', 'SQLite3');
>> Authentication is with Office 365 via IMAP:
>>      'authIMAPServer' => 'outlook.office365.com:993/ssl',
>>      'authIMAPDomain' => '',
>>      'authIMAPOrganization' => '',
>> Apache has write access to /var/zendto:
>> [root at server-01 zendto]# ll
>> total 48
>> drwxrwxr-x. 3 apache apache    62 Aug 27 00:05 cache
>> drwxrwxr-x. 3 apache apache    30 Sep 14 16:09 dropoffs
>> drwxrwxr-x. 2 apache apache     6 Sep 14 16:09 incoming
>> drwxrwxr-x. 2 apache apache     6 Aug 26 20:19 library
>> drwxrwxr-x. 2 apache apache    50 Aug 26 20:19 myzendto.templates_c
>> drwxrwxr-x. 2 apache apache  4096 Aug 26 20:20 rrd
>> drwxrwxr-x. 2 apache apache  4096 Sep 14 16:45 templates_c
>> -rw-rw-r--. 1 apache apache 11501 Sep 14 16:45 zendto.log
>> -rw-rw-r--  1 apache apache 25600 Sep 14 16:34 zendto.sqlite
>>
>> I have two issues:
>> 1. When I get logged in and see the "Inbox" tab, as soon as I click 
>> anything, the server thinks I am not authenticated and tells me 
>> "Access Denied, This feature is only available to users who have 
>> logged in."
>> 2. I am not able to put the email domain in the authIMAPDomain value 
>> and get authenticated to Office 365.  I tried with and without the @ 
>> sign.  The domain is rather long so I wold like to not have to 
>> require users to have to enter it if possible.  Is there a debug 
>> option on the authIMAP like there is for SMTP or a log that would 
>> help me troubleshoot this?
>>
>> Thanks,
>> Dave
>>
>
> I figured out problem #1.  Had to comment this out of the 
> zendto-ssl.conf Apache config to get the login cookie to work:
>
>   #<IfModule mod_headers.c>
>   #  Header edit Set-Cookie ^(.*)$ ;SameSite=Strict
>   #</IfModule>
>

Jules

-- 
Julian Field MEng CEng CITP MBCS MIEEE MACM

'Give a man a fish, and you feed him for a day.
  Teach a man to fish, and he'll sit in a boat and drink beer all day.'
    - Anon

www.Zend.To
Twitter: @JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://jul.es/pipermail/zendto/attachments/20180917/34d612bc/attachment-0001.html>

More information about the ZendTo mailing list