* Thu Sep 25 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-2.sme

- CSP relaxed policy - revert authentication - httpd syntax fix - smanager improvement
2025-09-25 12:38:42 -04:00
parent c8ce77259d
commit fcb9a8fbf7
4 changed files with 21 additions and 15 deletions
--- a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86PhpsysinfoAlias
+++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/86PhpsysinfoAlias
@@ -4,10 +4,12 @@ Alias /phpsysinfo /opt/phpsysinfo
 <Directory /opt/phpsysinfo>
    SSLRequireSSL
    Options -Indexes
-    #AuthName "phpSysInfo"
-    #AuthBasicProvider external
-    #AuthType Basic
-    #AuthExternal pwauth
+    AuthName "phpSysInfo"
+    AuthBasicProvider external
+    AuthType Basic
+    AuthExternal pwauth
+
+    Header set Content-Security-Policy  "script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' "

    <RequireAll>
        Require {(($phpmyadmin{access} || 'private' ) eq "public" ) ?  "all granted": "ip $localAccess $externalSSLAccess";}
--- a/root/usr/share/smanager/lib/SrvMngr/Controller/Phpsysinfo.pm
+++ b/root/usr/share/smanager/lib/SrvMngr/Controller/Phpsysinfo.pm
@@ -22,18 +22,16 @@ $ua->insecure(1);
 sub main {
    my $c = shift;
    my $title = $c->l('psi_phpsysinfo_panel');
-    my $php_url = 'https://sme11.thereadclan.me.uk/phpsysinfo/index.php?disp=static';
-	#my $first_line  = q{<meta http-equiv="Content-Security-Policy" content="default-src 'unsafe-inline' 'unsafe-eval' 'self'" />};
-	#my $second_line = q{<meta name="Description" content="phpSysInfo is a customizable PHP script that displays information about your system nicely" />};
+    my $host = $c->req->url->to_abs->host; 
+    my $php_url = "https://".$host."/phpsysinfo/index.php?disp=static";
+    my $php_url2 = "https://".$host."/phpsysinfo/index.php?disp=bootstrap";
    $ua->get($php_url => sub {
 		my ($ua, $tx) = @_;
        if ($tx->res->is_success) {
            my $php_content = $tx->res->body;
            my ($phpsysinfo_html) = $php_content =~ m{<body[^>]*>(.*?)</body>}si;
            $phpsysinfo_html =~ s/^(  SME Server|<BR>Copyright \(c\)).*\n//gmi;
-			# Insert $first_line before $second_line - supressing CSP
-			#$phpsysinfo_html =~ s/(\Q$second_line\E)/$first_line\n$1/;
-            $c->stash(title => $title, phpsysinfo => $phpsysinfo_html, php_url => $php_url);
+            $c->stash(title => $title, phpsysinfo => $phpsysinfo_html, php_url => $php_url, php_url2 => $php_url2);
            $c->render(template => 'phpsysinfo');
        } else {
            my $code = $tx->res->code // 'No code';
--- a/root/usr/share/smanager/themes/default/templates/phpsysinfo.html.ep
+++ b/root/usr/share/smanager/themes/default/templates/phpsysinfo.html.ep
@@ -15,7 +15,7 @@
 		</div>
    %}
    
-    <%= link_to 'Visit External Website' => $c->stash('php_url'), target => '_blank', rel => 'noopener noreferrer' %>
+    <%= link_to 'Visit External Website' => $c->stash('php_url2'), target => '_blank', rel => 'noopener noreferrer' %>
    
    <h1>Legacy-<%=$c->l('psi_phpsysinfo') %></h1><br>
    
--- a/smeserver-phpsysinfo.spec
+++ b/smeserver-phpsysinfo.spec
@@ -6,7 +6,7 @@ Summary: phpSysInfo for SME Server
 %define name smeserver-phpsysinfo
 Name: %{name}
 %define version 11.0.0
-%define release 1
+%define release 2
 Version: %{version}
 Release: %{release}%{?dist}
 License: GPL
@@ -27,6 +27,12 @@ AutoReqProv: no
 Access with admin login credentials via https://yourdomain/phpsysinfo

 %changelog
+* Thu Sep 25 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-2.sme
+- CSP relaxed policy
+- revert authentication
+- httpd syntax fix
+- smanager improvement
+
 * Mon May 12 2025 Brian Read <brianr@koozali.org> 11.0.0-1.sme
 - Adding SM2 panel [SME: 13004]
 - Upgrade to phpsysinfo 3.4.4