Integrates webmail and emailDelivery apps, mail-server and install/upgrade
paths, cyberpanel_ols 2.7.0-style binaries, and v2.4.5 UI patterns while
preserving v2.5.5-dev behavior (SnappyMail/PUBLIC_ROOT, childPath in
launchChild, hardened downloads and SSH activity modal).
- Fix delete for domain and Root File Manager: use sudo helper when
lscpd/executioner fails (TOKEN/sendCommand issues)
- Add safe-delete-path and safe-move-path helpers for base64 path handling
- Add ACLManager.isPathInsideHome and isFilePathSafeForShell for path validation
- Fix upload authorization for Root File Manager (domainName empty)
- Harden outputExecutioner result checks to prevent 500 on None
- Update Bootstrap CDN for CSP compatibility
- Improve error display and a11y focus management in modals
- Resolves#1670: files with special characters can be uploaded/deleted
- Changed from incorrect URI splitting to proper request.GET.get() method
- Added proper URL decoding with unquote()
- Fixed both downloadFile and RootDownloadFile functions
- Added path normalization for additional security
- Added file existence validation
- Improved error messages to match reported error format
This fixes the 'Unauthorized access: Not a valid file' error when downloading files from the file manager.
- Changed from incorrect URI splitting to proper request.GET.get() method
- Added proper URL decoding with unquote()
- Fixed both downloadFile and RootDownloadFile functions
- Preserved existing security checks (symlink detection, path traversal prevention)
- Added path normalization for additional security
- Improved error messages to match reported error format
This fixes the 'Unauthorized access: Not a valid file' error when downloading files from the file manager.
