This is an archived project. Repository and other project resources are read-only.
Commit
197f0438
authored
4 years ago
by
Reiter, Christoph
Generate the CSP in rollup once; More config cleanup
parent
1bf53554
Changes
3
Showing
3 changed files
app.config.js
+5
-0
5 additions, 0 deletions
app.config.js
assets/.htaccess.ejs
+1
-1
1 addition, 1 deletion
assets/.htaccess.ejs
rollup.config.js
+18
-18
18 additions, 18 deletions
rollup.config.js
with
24 additions
and
19 deletions
app.config.js
+
5
−
0
...
@@ -7,6 +7,7 @@ export default {
...
@@ -7,6 +7,7 @@ export default {
matomoUrl
:
'
https://analytics.tugraz.at/
'
,
matomoUrl
:
'
https://analytics.tugraz.at/
'
,
matomoSiteId
:
131
,
matomoSiteId
:
131
,
nextcloudBaseURL
:
'
http://localhost:8081
'
,
nextcloudBaseURL
:
'
http://localhost:8081
'
,
nextcloudName
:
'
TU Graz cloud
'
,
pdfAsQualifiedlySigningServer
:
'
https://sig-dev.tugraz.at
'
,
pdfAsQualifiedlySigningServer
:
'
https://sig-dev.tugraz.at
'
,
},
},
bs
:
{
bs
:
{
...
@@ -17,6 +18,7 @@ export default {
...
@@ -17,6 +18,7 @@ export default {
matomoUrl
:
'
https://analytics.tugraz.at/
'
,
matomoUrl
:
'
https://analytics.tugraz.at/
'
,
matomoSiteId
:
131
,
matomoSiteId
:
131
,
nextcloudBaseURL
:
'
http://bs-local.com:8081
'
,
nextcloudBaseURL
:
'
http://bs-local.com:8081
'
,
nextcloudName
:
'
TU Graz cloud
'
,
pdfAsQualifiedlySigningServer
:
'
https://sig-dev.tugraz.at
'
,
pdfAsQualifiedlySigningServer
:
'
https://sig-dev.tugraz.at
'
,
},
},
development
:
{
development
:
{
...
@@ -27,6 +29,7 @@ export default {
...
@@ -27,6 +29,7 @@ export default {
matomoUrl
:
'
https://analytics.tugraz.at/
'
,
matomoUrl
:
'
https://analytics.tugraz.at/
'
,
matomoSiteId
:
131
,
matomoSiteId
:
131
,
nextcloudBaseURL
:
'
https://nc-dev.tugraz.at/pers
'
,
nextcloudBaseURL
:
'
https://nc-dev.tugraz.at/pers
'
,
nextcloudName
:
'
TU Graz cloud
'
,
pdfAsQualifiedlySigningServer
:
'
https://sig-dev.tugraz.at
'
,
pdfAsQualifiedlySigningServer
:
'
https://sig-dev.tugraz.at
'
,
},
},
demo
:
{
demo
:
{
...
@@ -37,6 +40,7 @@ export default {
...
@@ -37,6 +40,7 @@ export default {
matomoUrl
:
'
https://analytics.tugraz.at/
'
,
matomoUrl
:
'
https://analytics.tugraz.at/
'
,
matomoSiteId
:
131
,
matomoSiteId
:
131
,
nextcloudBaseURL
:
'
https://cloud.tugraz.at
'
,
nextcloudBaseURL
:
'
https://cloud.tugraz.at
'
,
nextcloudName
:
'
TU Graz cloud
'
,
pdfAsQualifiedlySigningServer
:
'
https://sig-test.tugraz.at
'
,
pdfAsQualifiedlySigningServer
:
'
https://sig-test.tugraz.at
'
,
},
},
production
:
{
production
:
{
...
@@ -47,6 +51,7 @@ export default {
...
@@ -47,6 +51,7 @@ export default {
matomoUrl
:
'
https://analytics.tugraz.at/
'
,
matomoUrl
:
'
https://analytics.tugraz.at/
'
,
matomoSiteId
:
137
,
matomoSiteId
:
137
,
nextcloudBaseURL
:
''
,
nextcloudBaseURL
:
''
,
nextcloudName
:
''
,
pdfAsQualifiedlySigningServer
:
'
https://sig.tugraz.at
'
,
pdfAsQualifiedlySigningServer
:
'
https://sig.tugraz.at
'
,
},
},
};
};
\ No newline at end of file
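Review bot: In the production block, `nextcloudName: ''` is added next to `nextcloudBaseURL: ''` with no comment saying what the empty values mean for that environment; a one-line comment there would keep the next reader from treating it as a forgotten setting. The other four blocks (local, bs, development, demo) each repeat the literal 'TU Graz cloud', so a shared default that an environment can override would keep them from drifting apart. The file also still ends without a trailing newline.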
assets/.htaccess.ejs
+
1
−
1
...
@@ -4,7 +4,7 @@ DirectoryIndex <%= getUrl(name + '.html') %>
...
@@ -4,7 +4,7 @@ DirectoryIndex <%= getUrl(name + '.html') %>
</FilesMatch>
</FilesMatch>
Header set Cache-Control "must-revalidate, max-age=60"
Header set Cache-Control "must-revalidate, max-age=60"
Header set Content-Security-Policy "
default-src 'self' 'unsafe-eval' 'unsafe-inline' <%= matomoUrl %> <%= keyCloakServer %> <%= entryPointURL %> httpbin.org <%= nextcloudBaseURL %> www.handy-signatur.at <%= pdfAsQualifiedlySigningServer %>; img-src * blob: data:
"
Header set Content-Security-Policy "
<%= CSP %>
"
# Apache adds a "-gzip" suffix to the etag when it uses gzip but doesn't
# Apache adds a "-gzip" suffix to the etag when it uses gzip but doesn't
# take that into account when receiving requests.
# take that into account when receiving requests.
...
...
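Review bot: `<%= CSP %>` is substituted inside a double-quoted `Header set` value, so the generated string has to stay on one line and contain no double quote, and nothing in this template or in the visible part of rollup.config.js checks that. A build-time check on `config.CSP` that fails on a double quote or a line break would stop a malformed .htaccess from being produced. The policy is also no longer readable from this file, so a comment pointing at rollup.config.js as the place where it is built would help whoever audits the deployed headers.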
rollup.config.js
+
18
−
18
...
@@ -17,15 +17,6 @@ import appConfig from './app.config.js';
...
@@ -17,15 +17,6 @@ import appConfig from './app.config.js';
import
{
getPackagePath
,
getBuildInfo
}
from
'
./vendor/toolkit/rollup.utils.js
'
;
import
{
getPackagePath
,
getBuildInfo
}
from
'
./vendor/toolkit/rollup.utils.js
'
;
import
{
generateTLSConfig
}
from
'
./rollup.utils.js
'
;
import
{
generateTLSConfig
}
from
'
./rollup.utils.js
'
;
// -------------------------------
// Some new web APIs are only available when HTTPS is active.
// Note that this only works with a Non-HTTPS API endpoint with Chrome,
// Firefox will emit CORS errors, see https://bugzilla.mozilla.org/show_bug.cgi?id=1488740
const
USE_HTTPS
=
false
;
// -------------------------------
const
pkg
=
require
(
'
./package.json
'
);
const
pkg
=
require
(
'
./package.json
'
);
const
appEnv
=
(
typeof
process
.
env
.
APP_ENV
!==
'
undefined
'
)
?
process
.
env
.
APP_ENV
:
'
local
'
;
const
appEnv
=
(
typeof
process
.
env
.
APP_ENV
!==
'
undefined
'
)
?
process
.
env
.
APP_ENV
:
'
local
'
;
const
watch
=
process
.
env
.
ROLLUP_WATCH
===
'
true
'
;
const
watch
=
process
.
env
.
ROLLUP_WATCH
===
'
true
'
;
...
@@ -33,6 +24,7 @@ const buildFull = (!watch && appEnv !== 'test') || (process.env.FORCE_FULL !== u
...
@@ -33,6 +24,7 @@ const buildFull = (!watch && appEnv !== 'test') || (process.env.FORCE_FULL !== u
let
useTerser
=
buildFull
;
let
useTerser
=
buildFull
;
let
useBabel
=
buildFull
;
let
useBabel
=
buildFull
;
let
checkLicenses
=
buildFull
;
let
checkLicenses
=
buildFull
;
let
useHTTPS
=
false
;
console
.
log
(
"
APP_ENV:
"
+
appEnv
);
console
.
log
(
"
APP_ENV:
"
+
appEnv
);
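Review bot: `let useHTTPS = false;` is added here without the comment that accompanied the removed `USE_HTTPS` constant (HTTPS-only web APIs, the Chrome/Firefox difference, and the Bugzilla link). That comment was the only explanation of why the flag defaults to false, so it should move down with the new variable. Unless the variable is reassigned further down, `const` would state the intent better than `let`.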
...
@@ -48,6 +40,7 @@ if (appEnv in appConfig) {
...
@@ -48,6 +40,7 @@ if (appEnv in appConfig) {
matomoUrl
:
''
,
matomoUrl
:
''
,
matomoSiteId
:
-
1
,
matomoSiteId
:
-
1
,
nextcloudBaseURL
:
'
https://test
'
,
nextcloudBaseURL
:
'
https://test
'
,
nextcloudName
:
''
,
pdfAsQualifiedlySigningServer
:
'
https://test
'
pdfAsQualifiedlySigningServer
:
'
https://test
'
};
};
}
else
{
}
else
{
...
@@ -55,21 +48,29 @@ if (appEnv in appConfig) {
...
@@ -55,21 +48,29 @@ if (appEnv in appConfig) {
process
.
exit
(
1
);
process
.
exit
(
1
);
}
}
config
.
keyCloakServer
=
new
URL
(
config
.
keyCloakBaseURL
).
origin
;
config
.
nextcloudName
=
'
TU Graz cloud
'
;
if
(
config
.
nextcloudBaseURL
)
{
if
(
config
.
nextcloudBaseURL
)
{
config
.
nextcloudFileURL
=
config
.
nextcloudBaseURL
+
'
/index.php/apps/files/?dir=
'
;
config
.
nextcloudFileURL
=
config
.
nextcloudBaseURL
+
'
/index.php/apps/files/?dir=
'
;
config
.
nextcloudOrigin
=
new
URL
(
config
.
nextcloudBaseURL
).
origin
;
config
.
nextcloudWebAppPasswordURL
=
config
.
nextcloudBaseURL
+
'
/index.php/apps/webapppassword
'
;
config
.
nextcloudWebAppPasswordURL
=
config
.
nextcloudBaseURL
+
'
/index.php/apps/webapppassword
'
;
config
.
nextcloudWebDavURL
=
config
.
nextcloudBaseURL
+
'
/remote.php/dav/files
'
;
config
.
nextcloudWebDavURL
=
config
.
nextcloudBaseURL
+
'
/remote.php/dav/files
'
;
}
else
{
}
else
{
config
.
nextcloudFileURL
=
''
;
config
.
nextcloudFileURL
=
''
;
config
.
nextcloudOrigin
=
''
;
config
.
nextcloudWebAppPasswordURL
=
''
;
config
.
nextcloudWebAppPasswordURL
=
''
;
config
.
nextcloudWebDavURL
=
''
;
config
.
nextcloudWebDavURL
=
''
;
}
}
function
getOrigin
(
url
)
{
if
(
url
)
return
new
URL
(
url
).
origin
;
return
''
;
}
config
.
CSP
=
`default-src 'self' 'unsafe-eval' 'unsafe-inline' \
${
getOrigin
(
config
.
matomoUrl
)}
${
getOrigin
(
config
.
keyCloakBaseURL
)}
${
getOrigin
(
config
.
entryPointURL
)}
\
httpbin.org
${
getOrigin
(
config
.
nextcloudBaseURL
)}
www.handy-signatur.at \
${
getOrigin
(
config
.
pdfAsQualifiedlySigningServer
)}
; \
img-src * blob: data:`
;
export
default
(
async
()
=>
{
return
{
export
default
(
async
()
=>
{
return
{
input
:
(
appEnv
!=
'
test
'
)
?
[
input
:
(
appEnv
!=
'
test
'
)
?
[
'
src/
'
+
pkg
.
name
+
'
.js
'
,
'
src/
'
+
pkg
.
name
+
'
.js
'
,
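Review bot: The new `config.CSP` keeps `httpbin.org` as an unconditional source, and since this one string now feeds both the dev server header and the generated .htaccess, this is the place to make that entry depend on `appEnv` if the host is only needed for development or testing. The same applies to `'unsafe-eval' 'unsafe-inline'` and `img-src *`, which are carried over unchanged; a short comment on why each is required would make later tightening easier. On `getOrigin`: `new URL(url).origin` is the string 'null' for schemes without a tuple origin, which would end up in the policy as a bare `null` token, so rejecting anything that is not http(s) there would be safer. The sources are now origins where the old .htaccess interpolated `matomoUrl` and `entryPointURL` as configured; a one-line comment that the path is dropped on purpose would be useful.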
...
@@ -129,11 +130,10 @@ export default (async () => {return {
...
@@ -129,11 +130,10 @@ export default (async () => {return {
nextcloudBaseURL
:
config
.
nextcloudBaseURL
,
nextcloudBaseURL
:
config
.
nextcloudBaseURL
,
nextcloudFileURL
:
config
.
nextcloudFileURL
,
nextcloudFileURL
:
config
.
nextcloudFileURL
,
nextcloudName
:
config
.
nextcloudName
,
nextcloudName
:
config
.
nextcloudName
,
keyCloakServer
:
config
.
keyCloakServer
,
keyCloakBaseURL
:
config
.
keyCloakBaseURL
,
keyCloakBaseURL
:
config
.
keyCloakBaseURL
,
keyCloakClientId
:
config
.
keyCloakClientId
,
keyCloakClientId
:
config
.
keyCloakClientId
,
pdfAsQualifiedlySigningServer
:
config
.
pdfAsQualifiedlySigningServer
,
environment
:
appEnv
,
environment
:
appEnv
,
CSP
:
config
.
CSP
,
matomoUrl
:
config
.
matomoUrl
,
matomoUrl
:
config
.
matomoUrl
,
matomoSiteId
:
config
.
matomoSiteId
,
matomoSiteId
:
config
.
matomoSiteId
,
buildInfo
:
getBuildInfo
(
appEnv
)
buildInfo
:
getBuildInfo
(
appEnv
)
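Review bot: `keyCloakServer` and `pdfAsQualifiedlySigningServer` are dropped from this object, so any template other than .htaccess.ejs that still uses `<%= keyCloakServer %>` or `<%= pdfAsQualifiedlySigningServer %>` will no longer get a value. The diff only shows .htaccess.ejs being updated; check the remaining templates for those two names before merging.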
...
@@ -220,9 +220,9 @@ Dependencies:
...
@@ -220,9 +220,9 @@ Dependencies:
host
:
'
127.0.0.1
'
,
host
:
'
127.0.0.1
'
,
port
:
8001
,
port
:
8001
,
historyApiFallback
:
config
.
basePath
+
pkg
.
name
+
'
.html
'
,
historyApiFallback
:
config
.
basePath
+
pkg
.
name
+
'
.html
'
,
https
:
USE_
HTTPS
?
generateTLSConfig
()
:
false
,
https
:
use
HTTPS
?
generateTLSConfig
()
:
false
,
headers
:
{
headers
:
{
'
Content-Security-Policy
'
:
`default-src 'self' 'unsafe-eval' 'unsafe-inline'
${
config
.
matomoUrl
}
${
config
.
keyCloakServer
}
${
config
.
entryPointURL
}
httpbin.org
${
config
.
nextcloudOrigin
}
www.handy-signatur.at
${
config
.
pdfAsQualifiedlySigningServer
}
; img-src * blob: data:`
'
Content-Security-Policy
'
:
config
.
CSP
},
},
})
:
false
})
:
false
]
]
...
...