From ca835534deb5216415bddd2d7d48dbdbb85aba26 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sat, 3 Feb 2024 18:24:31 +0100 Subject: [PATCH] portal: serve app logos from an sso-specific route (to keep separation of concern etc) --- conf/nginx/plain/yunohost_sso.conf.inc | 7 +++++++ src/app.py | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/conf/nginx/plain/yunohost_sso.conf.inc b/conf/nginx/plain/yunohost_sso.conf.inc index fb5406cfc..3f63ff696 100644 --- a/conf/nginx/plain/yunohost_sso.conf.inc +++ b/conf/nginx/plain/yunohost_sso.conf.inc @@ -13,5 +13,12 @@ location /yunohost/sso/ { more_set_headers "Cache-Control: no-store, no-cache, must-revalidate"; } + location /yunohost/sso/applogos/ { + alias /usr/share/yunohost/applogos/; + expires 1M; + # max-age in seconds, one month + add_header Cache-Control "max-age=2629746, public"; + } + more_set_headers "Content-Security-Policy: upgrade-insecure-requests; default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; object-src 'none'; img-src 'self' data:;"; } diff --git a/src/app.py b/src/app.py index 83c62aa3f..be71eade0 100644 --- a/src/app.py +++ b/src/app.py @@ -1714,7 +1714,7 @@ def app_ssowatconf(): # Also related to "people will want to customize those.." app_catalog_info = apps_catalog.get(app_id.split("__")[0]) if app_catalog_info and "logo_hash" in app_catalog_info: - app_portal_info["logo"] = f"//{app_portal_domain}/yunohost/admin/applogos/{app_catalog_info['logo_hash']}.png" + app_portal_info["logo"] = f"//{app_portal_domain}/yunohost/sso/applogos/{app_catalog_info['logo_hash']}.png" portal_domains_apps[app_portal_domain][app_id] = app_portal_info