diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86PhpsysinfoAlias b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86PhpsysinfoAlias index f32da1c..1ca4c88 100644 --- a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86PhpsysinfoAlias +++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86PhpsysinfoAlias @@ -4,10 +4,12 @@ Alias /phpsysinfo /opt/phpsysinfo SSLRequireSSL Options -Indexes - #AuthName "phpSysInfo" - #AuthBasicProvider external - #AuthType Basic - #AuthExternal pwauth + AuthName "phpSysInfo" + AuthBasicProvider external + AuthType Basic + AuthExternal pwauth + + Header set Content-Security-Policy "script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' " Require {(($phpmyadmin{access} || 'private' ) eq "public" ) ? "all granted": "ip $localAccess $externalSSLAccess";} @@ -18,4 +20,4 @@ Alias /phpsysinfo /opt/phpsysinfo SetHandler "proxy:unix:/var/run/php-fpm/php.sock|fcgi://localhost" - \ No newline at end of file + diff --git a/root/usr/share/smanager/lib/SrvMngr/Controller/Phpsysinfo.pm b/root/usr/share/smanager/lib/SrvMngr/Controller/Phpsysinfo.pm index 6cf310d..95022ad 100644 --- a/root/usr/share/smanager/lib/SrvMngr/Controller/Phpsysinfo.pm +++ b/root/usr/share/smanager/lib/SrvMngr/Controller/Phpsysinfo.pm @@ -22,18 +22,16 @@ $ua->insecure(1); sub main { my $c = shift; my $title = $c->l('psi_phpsysinfo_panel'); - my $php_url = 'https://sme11.thereadclan.me.uk/phpsysinfo/index.php?disp=static'; - #my $first_line = q{}; - #my $second_line = q{}; + my $host = $c->req->url->to_abs->host; + my $php_url = "https://".$host."/phpsysinfo/index.php?disp=static"; + my $php_url2 = "https://".$host."/phpsysinfo/index.php?disp=bootstrap"; $ua->get($php_url => sub { my ($ua, $tx) = @_; if ($tx->res->is_success) { my $php_content = $tx->res->body; my ($phpsysinfo_html) = $php_content =~ m{]*>(.*?)}si; $phpsysinfo_html =~ s/^( SME Server|
Copyright \(c\)).*\n//gmi; - # Insert $first_line before $second_line - supressing CSP - #$phpsysinfo_html =~ s/(\Q$second_line\E)/$first_line\n$1/; - $c->stash(title => $title, phpsysinfo => $phpsysinfo_html, php_url => $php_url); + $c->stash(title => $title, phpsysinfo => $phpsysinfo_html, php_url => $php_url, php_url2 => $php_url2); $c->render(template => 'phpsysinfo'); } else { my $code = $tx->res->code // 'No code'; @@ -49,4 +47,4 @@ sub main { # $c->proxy_to('https://sme11.thereadclan.me.uk/phpsysinfo/index.php?disp=static'); #} -1; \ No newline at end of file +1; diff --git a/root/usr/share/smanager/themes/default/templates/phpsysinfo.html.ep b/root/usr/share/smanager/themes/default/templates/phpsysinfo.html.ep index 15052e3..ae84a30 100644 --- a/root/usr/share/smanager/themes/default/templates/phpsysinfo.html.ep +++ b/root/usr/share/smanager/themes/default/templates/phpsysinfo.html.ep @@ -15,10 +15,10 @@ %} - <%= link_to 'Visit External Website' => $c->stash('php_url'), target => '_blank', rel => 'noopener noreferrer' %> + <%= link_to 'Visit External Website' => $c->stash('php_url2'), target => '_blank', rel => 'noopener noreferrer' %>

Legacy-<%=$c->l('psi_phpsysinfo') %>


%== $c->stash('phpsysinfo'); -%end \ No newline at end of file +%end diff --git a/smeserver-phpsysinfo.spec b/smeserver-phpsysinfo.spec index 10faa06..80b41e0 100644 --- a/smeserver-phpsysinfo.spec +++ b/smeserver-phpsysinfo.spec @@ -6,7 +6,7 @@ Summary: phpSysInfo for SME Server %define name smeserver-phpsysinfo Name: %{name} %define version 11.0.0 -%define release 1 +%define release 2 Version: %{version} Release: %{release}%{?dist} License: GPL @@ -27,6 +27,12 @@ AutoReqProv: no Access with admin login credentials via https://yourdomain/phpsysinfo %changelog +* Thu Sep 25 2025 Jean-Philippe Pialasse 11.0.0-2.sme +- CSP relaxed policy +- revert authentication +- httpd syntax fix +- smanager improvement + * Mon May 12 2025 Brian Read 11.0.0-1.sme - Adding SM2 panel [SME: 13004] - Upgrade to phpsysinfo 3.4.4