portal: serve app logos from an sso-specific route (to keep separation of concern etc)

This commit is contained in:
Alexandre Aubin 2024-02-03 18:24:31 +01:00
parent 69cc6345a5
commit ca835534de
2 changed files with 8 additions and 1 deletions

View file

@ -13,5 +13,12 @@ location /yunohost/sso/ {
more_set_headers "Cache-Control: no-store, no-cache, must-revalidate";
}
location /yunohost/sso/applogos/ {
alias /usr/share/yunohost/applogos/;
expires 1M;
# max-age in seconds, one month
add_header Cache-Control "max-age=2629746, public";
}
more_set_headers "Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; object-src 'none'; img-src 'self' data:;";
}

View file

@ -1714,7 +1714,7 @@ def app_ssowatconf():
# Also related to "people will want to customize those.."
app_catalog_info = apps_catalog.get(app_id.split("__")[0])
if app_catalog_info and "logo_hash" in app_catalog_info:
app_portal_info["logo"] = f"//{app_portal_domain}/yunohost/admin/applogos/{app_catalog_info['logo_hash']}.png"
app_portal_info["logo"] = f"//{app_portal_domain}/yunohost/sso/applogos/{app_catalog_info['logo_hash']}.png"
portal_domains_apps[app_portal_domain][app_id] = app_portal_info