1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/snserver_ynh.git synced 2024-09-03 20:26:22 +02:00

Fix Extensions Content-Security-Policy

This commit is contained in:
Fabian Wilkens 2021-01-24 18:06:51 +01:00
parent e8046d004b
commit 179a557599
No known key found for this signature in database
GPG key ID: 23DFA025BB4E9FAB
3 changed files with 11 additions and 12 deletions

View file

@ -13,5 +13,5 @@ location __PATH__/ {
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off; proxy_buffering off;
more_set_headers "X-Frame-Options: allow-from __ACCESS_DOMAIN__"; more_set_headers "Content-Security-Policy: frame-ancestors 'self' __ACCESS_DOMAIN__";
} }

View file

@ -11,4 +11,4 @@ name = "SNserver configuration"
ask = "Which web app can access the Standart Notes Extensions?" ask = "Which web app can access the Standart Notes Extensions?"
type = "string" type = "string"
default = "" default = ""
help = "Please enter the domain without the path of a Standart Notes Web App, which should have access to the Standard Notes Extensions.<br>Example: domain.tld, notes.domain.tld" help = "Please enter the domain(s) without the path of a Standart Notes Web App, which should have access to the Standard Notes Extensions.<br>Example: domain.tld<br>Example: https://domain.tld<br>Example: domain.tld notes.domain.tld<br>Example: domain.tld https://notes.domain.tld"

View file

@ -27,7 +27,7 @@ domain=$(ynh_app_setting_get --app=$app --key=domain)
show_config() { show_config() {
if [ ! -z $access_domain ] if [ ! -z $access_domain ]
then then
ynh_return "YNH_CONFIG_MAIN_ACCESS_DOMAIN_ACCESS_DOMAIN=$access_domain" ynh_return "YNH_CONFIG_MAIN_ACCESS_DOMAIN_ACCESS_DOMAIN=$(echo $access_domain | sed "s@;@ @g")"
else else
ynh_return "YNH_CONFIG_MAIN_ACCESS_DOMAIN_ACCESS_DOMAIN=$domain" ynh_return "YNH_CONFIG_MAIN_ACCESS_DOMAIN_ACCESS_DOMAIN=$domain"
fi fi
@ -39,17 +39,16 @@ show_config() {
apply_config() { apply_config() {
access_domain=${YNH_CONFIG_MAIN_ACCESS_DOMAIN_ACCESS_DOMAIN:-$access_domain} access_domain=${YNH_CONFIG_MAIN_ACCESS_DOMAIN_ACCESS_DOMAIN:-$access_domain}
ynh_print_info "1: $access_domain"
ynh_app_setting_set --app=$app --key=access_domain --value=$access_domain ynh_app_setting_set --app=$app --key=access_domain --value=$access_domain
access_domain=$(ynh_app_setting_get --app=$app --key=access_domain) access_domain=$(ynh_app_setting_get --app=$app --key=access_domain)
ynh_print_info "2: $access_domain" access_domains=$(echo $access_domain | sed "s@;@ @g")
nginx_conf_path=/etc/nginx/conf.d/$domain.d/$app.conf nginx_conf_path=/etc/nginx/conf.d/$domain.d/$app.conf
ynh_delete_file_checksum --file=$nginx_conf_path ynh_delete_file_checksum --file=$nginx_conf_path
ynh_replace_string \ ynh_replace_string \
--match_string='more_set_headers "X-Frame-Options: allow-from .*";' \ --match_string='more_set_headers "Content-Security-Policy: frame-ancestors '"'self'"'.*";' \
--replace_string='more_set_headers "X-Frame-Options: allow-from '$access_domain'";' \ --replace_string='more_set_headers "Content-Security-Policy: frame-ancestors '"'self' $access_domains"'";' \
--target_file=$nginx_conf_path --target_file=$nginx_conf_path
ynh_store_file_checksum --file=$nginx_conf_path ynh_store_file_checksum --file=$nginx_conf_path