smeserver/e-smith-manager
6
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

* Mon Dec 30 2024 Jean-Philippe Pialasse <jpp@koozali.org> 2.8.0-42.sme

Browse Source 
-  add CSP support [SME: 9566]
This commit is contained in:
Jean-Philippe Pialasse
2024-12-30 21:23:45 -05:00
parent c4ed6b178d
commit 7c7e1e6389
3 changed files with 25 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27ManagerProxyPass
View File

@@ -31,6 +31,14 @@
} else {
$OUT .= " Require ip $localAccess\n";
}
# any server-manager script or style added in line should be hashed and added here to run in a modern browser
$OUT .= " Header set Content-Security-Policy \"script-src 'self' https://$virtualHost 'unsafe-hashes' "
." 'sha256-bu1Wbll/1+gfjCxVn9czXKc7IhIJRjJgNFdNltH+09c=' 'sha256-MQmv1rIdRtr7sC3167eTWkTNMSq5QzWRPxhOzKUtvKg=' 'sha256-DuDis7gGgnegJBjroiLOJwY+DvfilQsYswIXb6lNE8c=' 'sha256-FengF4xZO+fXC/zBgGGYYPLtc95CEZAk+vS7A9OR64o=' ;"
." style-src 'self' https://$virtualHost 'unsafe-hashes' "
." 'sha256-ABT3Vs4q5dwUnsKaFzA38LnsL3426dj6CkNKRofyqjA=' 'sha256-upqzRUpu+M2pCK19HHLg5oUeQnpEXij9kojuDNdJnGc=' 'sha256-sa1JolVbZz72+sa0pOWp/LBIoZfF9P1N8Gzy5u3C3Qc=' 'sha256-q9xrwNUn7ieRndtLNP/uNCEBKXjzTzvZv1fddtmMK9w=' ;"
." script-src-attr 'self' https://$virtualHost 'unsafe-hashes' 'sha256-QgFUvJuzASZ+WbF57Vn8eQoWvuBJ78nF7YMraPzQVvg=' \"\n";
$OUT .= " </Location>\n";
}
}