From 68c2f41da6b33bd8c949e5ba624bedba08c448be Mon Sep 17 00:00:00 2001 From: Jimmy Monin Date: Fri, 19 Jan 2018 21:45:39 +0100 Subject: [PATCH] Move patches to the right folder (fixes #83) --- ...patch => app-00-add-logout_url-conf.patch} | 0 ...able-CSPv3-nonce_and_allow-YNH-fonts.patch | 66 +++++++++---------- 2 files changed, 33 insertions(+), 33 deletions(-) rename sources/patches/{00-add-logout_url-conf.patch => app-00-add-logout_url-conf.patch} (100%) rename patches/01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch => sources/patches/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch (97%) diff --git a/sources/patches/00-add-logout_url-conf.patch b/sources/patches/app-00-add-logout_url-conf.patch similarity index 100% rename from sources/patches/00-add-logout_url-conf.patch rename to sources/patches/app-00-add-logout_url-conf.patch diff --git a/patches/01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch b/sources/patches/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch similarity index 97% rename from patches/01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch rename to sources/patches/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch index eba7c0c..f5ced3a 100644 --- a/patches/01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch +++ b/sources/patches/app-01-disable-CSPv3-nonce_and_allow-YNH-fonts.patch @@ -1,33 +1,33 @@ - lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php | 4 ++++ - lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php | 3 ++- - 2 files changed, 6 insertions(+), 1 deletion(-) - -diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php -index 85ae127f5f..91618a09fc 100644 ---- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php -+++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php -@@ -65,6 +65,10 @@ class ContentSecurityPolicyNonceManager { - * @return bool - */ - public function browserSupportsCspV3() { -+ // YunoHost patch: disable CSPv3 nonces to: -+ // - avoid white page on first login from YunoHost portal -+ // - allow YunoHost tile display -+ return false; - $browserWhitelist = [ - Request::USER_AGENT_CHROME, - // Firefox 45+ -diff --git a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php -index 64d4eb6e5d..59d5885620 100644 ---- a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php -+++ b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php -@@ -377,7 +377,8 @@ class EmptyContentSecurityPolicy { - - if(!empty($this->allowedFontDomains)) { - $policy .= 'font-src ' . implode(' ', $this->allowedFontDomains); -- $policy .= ';'; -+ // YunoHost patch: extend font-src to load data fonts embedded in YunoHost tile script -+ $policy .= ' data:;'; - } - - if(!empty($this->allowedConnectDomains)) { + lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php | 4 ++++ + lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php | 3 ++- + 2 files changed, 6 insertions(+), 1 deletion(-) + +diff --git a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php +index 85ae127f5f..91618a09fc 100644 +--- a/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php ++++ b/lib/private/Security/CSP/ContentSecurityPolicyNonceManager.php +@@ -65,6 +65,10 @@ class ContentSecurityPolicyNonceManager { + * @return bool + */ + public function browserSupportsCspV3() { ++ // YunoHost patch: disable CSPv3 nonces to: ++ // - avoid white page on first login from YunoHost portal ++ // - allow YunoHost tile display ++ return false; + $browserWhitelist = [ + Request::USER_AGENT_CHROME, + // Firefox 45+ +diff --git a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php +index 64d4eb6e5d..59d5885620 100644 +--- a/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php ++++ b/lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php +@@ -377,7 +377,8 @@ class EmptyContentSecurityPolicy { + + if(!empty($this->allowedFontDomains)) { + $policy .= 'font-src ' . implode(' ', $this->allowedFontDomains); +- $policy .= ';'; ++ // YunoHost patch: extend font-src to load data fonts embedded in YunoHost tile script ++ $policy .= ' data:;'; + } + + if(!empty($this->allowedConnectDomains)) {