[1.4.3]
Update sftpgo to 2.7.4
Full Changelog
Symbolic links: the new symlink_mode setting selects, per backend, whether clients holding the create_symlinks permission may create symbolic links on the local filesystem, the SFTP backend, or both. It is disabled by default. Creating a link requires create_symlinks on both the link's directory and the directory it points into, so per-directory permissions are enforced consistently on the path the client requests.
OIDC redirect: the WebClient OIDC login now preserves a next redirect target across the IdP round-trip.
httpd: return after a CSRF failure in the web client login. The login POST handler rendered the CSRF error page but did not return, so execution fell through into the post-connect hook and the credential verification pipeline. Added the missing return to match the admin login, password reset, and setup handlers.
Improve symbolic links handling and add more test cases.
httpd: clean and unify the WebClient post-login redirect target validation.