Fix CSP errors (closes: #1197)
This commit is contained in:
Xavier Guimard
parent
66e273d18c
commit
221a74f65e
|
|
@ -38,7 +38,7 @@
|
|||
SetHandler fcgid-script
|
||||
Options +ExecCGI
|
||||
<IfModule mod_headers.c>
|
||||
header set Content-Security-Policy "default-src 'self';frame-ancestors 'none';form-action 'self';"
|
||||
header set Content-Security-Policy "default-src 'self';frame-ancestors 'none';form-action 'self';img-src 'self' auth.example.com;"
|
||||
header set X-Content-Type-Options nosniff
|
||||
header set X-Frame-Options DENY
|
||||
header set X-XSS-Protection "1; mode=block"
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@
|
|||
SetHandler fcgid-script
|
||||
Options +ExecCGI
|
||||
<IfModule mod_headers.c>
|
||||
header set Content-Security-Policy "default-src 'self';frame-ancestors 'none';form-action 'self';"
|
||||
header set Content-Security-Policy "default-src 'self';frame-ancestors 'none';form-action 'self';img-src 'self' auth.example.com;"
|
||||
header set X-Content-Type-Options nosniff
|
||||
header set X-Frame-Options DENY
|
||||
header set X-XSS-Protection "1; mode=block"
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@
|
|||
SetHandler fcgid-script
|
||||
Options +ExecCGI
|
||||
<IfModule mod_headers.c>
|
||||
header set Content-Security-Policy "default-src 'self';frame-ancestors 'none';form-action 'self';"
|
||||
header set Content-Security-Policy "default-src 'self';frame-ancestors 'none';form-action 'self';img-src 'self' auth.example.com;"
|
||||
header set X-Content-Type-Options nosniff
|
||||
header set X-Frame-Options DENY
|
||||
header set X-XSS-Protection "1; mode=block"
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ server {
|
|||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header Content-Security-Policy "default-src 'self';frame-ancestors 'none';form-action 'self';";
|
||||
add_header Content-Security-Policy "default-src 'self';frame-ancestors 'none';form-action 'self';img-src 'self' auth.example.com;";
|
||||
add_header X-Frame-Options DENY;
|
||||
# Uncomment this if you use https only
|
||||
#add_header Strict-Transport-Security "15768000";
|
||||
|
|
|
|||
|
|
@ -245,3 +245,11 @@ dl,
|
|||
.center {
|
||||
text-align: center;
|
||||
}
|
||||
|
||||
.backgrounddiv {
|
||||
margin-top: 10px;
|
||||
}
|
||||
.llcontainer {
|
||||
position: relative;
|
||||
margin-bottom: 10px;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
.tree-node{border-width:1px;border-style:solid;border-radius:4px;margin-bottom:8px}.tree-node-default{background:#fff}.angular-ui-tree-handle{cursor:pointer}#pleaseWait{background-color:#fff;width:100%;min-height:9.9%;height:auto;z-index:5000;position:absolute;left:0;top:0;margin-left:auto;margin-right:auto;padding:30% 20%;text-align:center;opacity:.8;filter:alpha(opacity=80)}.panel .table th{width:20%;vertical-align:middle}ul.cat-tree{list-style-type:square}p.cat-tree-category{font-weight:bold}html,body{margin:0;padding:0;height:100vh;background:radial-gradient(circle at 50% 0,#fff 0,#ddd 100%) no-repeat scroll 0 0 #ddd}header#navbar{height:9vh;margin-bottom:1vh;padding-bottom:0vh}#content{max-height:86vh;height:86vh;margin:0;padding:0;position:relative}header#navbar .navbar-brand{padding:10px 15px}header#navbar .navbar-brand img{background:#fff}textarea{width:100%}textarea#privateKey,textarea#publicKey,textarea#filetext{font-size:8pt}dl,.panel{margin-bottom:8px}.panel-body{padding:5px}.input-group-solid{border:1px solid #CCC;border-radius:4px;padding:6px 12px}.input-group>.input-group-solid:last-child{border-bottom-left-radius:0;border-top-left-radius:0}#cfgnum{position:relative}#cfgnum.label-warning:hover:after{content:attr(comment);padding:4px 8px;color:rgba(0,0,0,0.5);position:absolute;left:100%;bottom:100%;white-space:nowrap;z-index:2;border-radius:5px;background:#f0ad4e}.link{cursor:pointer}#bottom .panel{height:100%;margin-top:8px}#bottom .panel-body{height:100%}#right{display:flex;flex-direction:column}#bottom{flex:1}@media(min-width:768px){.scrollable-sm{max-height:86vh!important;overflow:auto}#right,#left{max-height:86vh!important;height:86vh}#top{overflow-x:hidden}#bottom{height:43vh;overflow:hidden}}#top,#bottom,#right,#left{position:relative}@media(max-width:767px){#right{position:absolute;top:0;z-index:1000}.lmmenu{position:static;float:left;width:100%;min-height:200px;margin-top:0;border:1px solid #ccc;box-shadow:none}#content{position:relative}}.scrollable{overflow:auto}.container{padding-bottom:15px}.hresizer{position:absolute;width:6px;top:0;bottom:0;right:0;background-color:#EEE;cursor:e-resize}.vresizer{position:absolute;height:6px;left:0;right:0;top:0;background-color:#EEE;cursor:n-resize}.angular-ui-tree-empty{min-height:auto;border:0}.old{color:#A00}.new{color:#0A0}.maxw{width:100%}.center{text-align:center}
|
||||
.tree-node{border-width:1px;border-style:solid;border-radius:4px;margin-bottom:8px}.tree-node-default{background:#fff}.angular-ui-tree-handle{cursor:pointer}#pleaseWait{background-color:#fff;width:100%;min-height:9.9%;height:auto;z-index:5000;position:absolute;left:0;top:0;margin-left:auto;margin-right:auto;padding:30% 20%;text-align:center;opacity:.8;filter:alpha(opacity=80)}.panel .table th{width:20%;vertical-align:middle}ul.cat-tree{list-style-type:square}p.cat-tree-category{font-weight:bold}html,body{margin:0;padding:0;height:100vh;background:radial-gradient(circle at 50% 0,#fff 0,#ddd 100%) no-repeat scroll 0 0 #ddd}header#navbar{height:9vh;margin-bottom:1vh;padding-bottom:0vh}#content{max-height:86vh;height:86vh;margin:0;padding:0;position:relative}header#navbar .navbar-brand{padding:10px 15px}header#navbar .navbar-brand img{background:#fff}textarea{width:100%}textarea#privateKey,textarea#publicKey,textarea#filetext{font-size:8pt}dl,.panel{margin-bottom:8px}.panel-body{padding:5px}.input-group-solid{border:1px solid #CCC;border-radius:4px;padding:6px 12px}.input-group>.input-group-solid:last-child{border-bottom-left-radius:0;border-top-left-radius:0}#cfgnum{position:relative}#cfgnum.label-warning:hover:after{content:attr(comment);padding:4px 8px;color:rgba(0,0,0,0.5);position:absolute;left:100%;bottom:100%;white-space:nowrap;z-index:2;border-radius:5px;background:#f0ad4e}.link{cursor:pointer}#bottom .panel{height:100%;margin-top:8px}#bottom .panel-body{height:100%}#right{display:flex;flex-direction:column}#bottom{flex:1}@media(min-width:768px){.scrollable-sm{max-height:86vh!important;overflow:auto}#right,#left{max-height:86vh!important;height:86vh}#top{overflow-x:hidden}#bottom{height:43vh;overflow:hidden}}#top,#bottom,#right,#left{position:relative}@media(max-width:767px){#right{position:absolute;top:0;z-index:1000}.lmmenu{position:static;float:left;width:100%;min-height:200px;margin-top:0;border:1px solid #ccc;box-shadow:none}#content{position:relative}}.scrollable{overflow:auto}.container{padding-bottom:15px}.hresizer{position:absolute;width:6px;top:0;bottom:0;right:0;background-color:#EEE;cursor:e-resize}.vresizer{position:absolute;height:6px;left:0;right:0;top:0;background-color:#EEE;cursor:n-resize}.angular-ui-tree-empty{min-height:auto;border:0}.old{color:#A00}.new{color:#0A0}.maxw{width:100%}.center{text-align:center}.backgrounddiv{margin-top:10px}.llcontainer{position:relative;margin-bottom:10px}
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
<div class="panel panel-default" style="position:relative;">
|
||||
<div class="panel panel-default llcontainer">
|
||||
<div class="panel-heading">
|
||||
<h3 class="panel-title">{{translateTitle(currentNode)}}</h3>
|
||||
</div>
|
||||
|
|
@ -18,7 +18,7 @@
|
|||
</label>
|
||||
</div>
|
||||
</div>
|
||||
<div class="panel-body input-group" style="width:100%;" ng-if="currentNode.data!==0&¤tNode.data!=='0'&¤tNode.data!==1&¤tNode.data!=='1'">
|
||||
<div class="panel-body input-group maxw" ng-if="currentNode.data!==0&¤tNode.data!=='0'&¤tNode.data!==1&¤tNode.data!=='1'">
|
||||
<textarea id="bopeValue" class="form-control" rows="2" ng-model="currentNode.data"/>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
<div class="panel panel-default" style="position:relative;">
|
||||
<div class="panel panel-default llcontainer">
|
||||
<div class="panel-heading">
|
||||
<h3 class="panel-title">{{translateTitle(currentNode)}}</h3>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
<div class="panel panel-default" style="position:relative;">
|
||||
<div class="panel panel-default llcontainer">
|
||||
<div class="panel-heading">
|
||||
<h3 class="panel-title">{{translateTitle(currentNode)}}</h3>
|
||||
</div>
|
||||
<div class="panel-body">
|
||||
<div class="input-group" style="width:100%;">
|
||||
<div class="input-group maxw">
|
||||
<label class="input-group-addon" for="longtextinput" trspan="value"></label>
|
||||
<textarea id="longtextinput" rows="5" class="form-control" ng-model="currentNode.data"/>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -75,7 +75,7 @@
|
|||
<div class="modal-body">
|
||||
<div class="row text-center">
|
||||
<div class="col-md-2" ng-repeat="i in ['attach.png', 'bell.png', 'bookmark.png', 'configure.png', 'database.png', 'demo.png', 'folder.png', 'gear.png', 'help.png', 'mailappt.png', 'money.png', 'network.png', 'terminal.png', 'thumbnail.png', 'tux.png']">
|
||||
<button class="btn" ng-class="{'btn-default':currentNode.data.logo!=i,'btn-info':currentNode.data.logo==i}" ng-click="ok(currentNode.data.logo=i)" style="margin-bottom:10px;">
|
||||
<button class="btn llcontainer" ng-class="{'btn-default':currentNode.data.logo!=i,'btn-info':currentNode.data.logo==i}" ng-click="ok(currentNode.data.logo=i)">
|
||||
<img ng-src="{{elem('portal').data}}/skins/common/apps/{{i}}" title="{{i}}" alt="{{i}}" />
|
||||
</button>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
<h3 class="panel-title" trspan="portalSkin"></h3>
|
||||
</div>
|
||||
<div class="panel-body text-center">
|
||||
<button class="btn btn-info" ng-click="showModal('portalSkinChoice.html')" ng-model="currentNode" style="position:relative;">
|
||||
<button class="btn btn-info llcontainer" ng-click="showModal('portalSkinChoice.html')" ng-model="currentNode">
|
||||
<span ng-if="inSelect(currentNode.data)">
|
||||
<img ng-src="{{staticPrefix}}logos/{{currentNode.data}}.png" alt="{{currentNode.data}}" title="{{currentNode.data}}" />
|
||||
</span>
|
||||
|
|
@ -29,7 +29,7 @@
|
|||
<div class="modal-body">
|
||||
<div class="row text-center">
|
||||
<div class="col-md-4" ng-repeat="b in currentNode.select">
|
||||
<button class="btn" ng-class="{'btn-default':currentNode.data!==b.k,'btn-info':currentNode.data===b.k}" ng-click="ok(currentNode.data=b.k)" style="position:relative;margin-bottom:10px;">
|
||||
<button class="btn llcontainer" ng-class="{'btn-default':currentNode.data!==b.k,'btn-info':currentNode.data===b.k}" ng-click="ok(currentNode.data=b.k)">
|
||||
<img ng-src="{{staticPrefix}}logos/{{b.k}}.png" alt="{{b.v}}" title="{{b.v}}" />
|
||||
<div class="carousel-caption">
|
||||
<h4>{{b.v}}</h4>
|
||||
|
|
@ -37,7 +37,7 @@
|
|||
</button>
|
||||
</div>
|
||||
<div class="col-md-4">
|
||||
<button class="btn" ng-class="{'btn-default':inSelect(currentNode.data),'btn-info':!inSelect(currentNode.data)}" ng-click="currentNode.data='custom'" style="position:relative;">
|
||||
<button class="btn llcontainer" ng-class="{'btn-default':inSelect(currentNode.data),'btn-info':!inSelect(currentNode.data)}" ng-click="currentNode.data='custom'">
|
||||
<img ng-src="{{staticPrefix}}logos/custom.png" alt="Custom" title="Custom" />
|
||||
<div class="carousel-caption">
|
||||
<h4>Custom</h4>
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@
|
|||
<select id="selectform" class="form-control" ng-model="currentNode.data" ng-change="currentNode.onChange()">
|
||||
<option ng-repeat="item in currentNode.select" ng-selected="item.k==currentNode.data" value="{{item.k}}" trspan="{{item.v}}"></option>
|
||||
</select>
|
||||
<div class="text-center" ng-if="currentNode.data" style="margin-top:10px;">
|
||||
<div class="text-center" ng-if="currentNode.data" class="backgrounddiv">
|
||||
<img ng-src="{{portal.data}}/skins/common/backgrounds/{{currentNode.data}}" class="img-rounded" width="250px" />
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@
|
|||
</td>
|
||||
<!-- LONG TEXT -->
|
||||
<td ng-if="n.type=='longtext'">
|
||||
<div class="input-group" style="width:100%;">
|
||||
<div class="input-group maxw">
|
||||
<textarea rows="2" ng-model="n.data" />
|
||||
</div>
|
||||
</td>
|
||||
|
|
@ -70,7 +70,7 @@
|
|||
<span trspan="specialRule"></span>
|
||||
</label>
|
||||
</div>
|
||||
<div class="panel-body input-group" style="width:100%;" ng-if="n.data!==0&&n.data!=='0'&&n.data!==1&&n.data!=='1'">
|
||||
<div class="panel-body input-group maxw" ng-if="n.data!==0&&n.data!=='0'&&n.data!==1&&n.data!=='1'">
|
||||
<textarea id="boeValue/{{n.title}}" class="form-control" rows="2" ng-model="n.data"/>
|
||||
</div>
|
||||
</td>
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user