portal: serve app logos from an sso-specific route (to keep separation of concern etc)

2024-09-03 20:06:10 +02:00 · 2024-02-03 18:24:31 +01:00 · 2024-02-03 18:24:31 +01:00 · ca835534de
commit ca835534de
parent 69cc6345a5
2 changed files with 8 additions and 1 deletions
--- a/conf/nginx/plain/yunohost_sso.conf.inc
+++ b/conf/nginx/plain/yunohost_sso.conf.inc
@ -13,5 +13,12 @@ location /yunohost/sso/ {
        more_set_headers "Cache-Control: no-store, no-cache, must-revalidate";
    }

+    location /yunohost/sso/applogos/ {
+        alias /usr/share/yunohost/applogos/;
+        expires 1M;
+        # max-age in seconds, one month
+        add_header Cache-Control "max-age=2629746, public";
+    }
+
    more_set_headers "Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; object-src 'none'; img-src 'self' data:;";
 }
--- a/src/app.py
+++ b/src/app.py
@ -1714,7 +1714,7 @@ def app_ssowatconf():
        # Also related to "people will want to customize those.."
        app_catalog_info = apps_catalog.get(app_id.split("__")[0])
        if app_catalog_info and "logo_hash" in app_catalog_info:
-            app_portal_info["logo"] = f"//{app_portal_domain}/yunohost/admin/applogos/{app_catalog_info['logo_hash']}.png"
+            app_portal_info["logo"] = f"//{app_portal_domain}/yunohost/sso/applogos/{app_catalog_info['logo_hash']}.png"

        portal_domains_apps[app_portal_domain][app_id] = app_portal_info