mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-10-01 01:36:00 -04:00
Applied latest styleci changes
This commit is contained in:
parent
88c698796b
commit
fb80bb5d58
@ -8,7 +8,6 @@ use Illuminate\Http\Request;
|
||||
|
||||
class ApplyCspRules
|
||||
{
|
||||
|
||||
/**
|
||||
* @var CspService
|
||||
*/
|
||||
@ -43,5 +42,4 @@ class ApplyCspRules
|
||||
|
||||
return $response;
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -73,7 +73,7 @@ class AppServiceProvider extends ServiceProvider
|
||||
return new SocialAuthService($app->make(SocialiteFactory::class), $app->make(LoginService::class));
|
||||
});
|
||||
|
||||
$this->app->singleton(CspService::class, function($app) {
|
||||
$this->app->singleton(CspService::class, function ($app) {
|
||||
return new CspService();
|
||||
});
|
||||
}
|
||||
|
@ -33,9 +33,10 @@ class CustomHtmlHeadContentProvider
|
||||
{
|
||||
$content = $this->getSourceContent();
|
||||
$hash = md5($content);
|
||||
$html = $this->cache->remember('custom-head-web:' . $hash, 86400, function() use ($content) {
|
||||
$html = $this->cache->remember('custom-head-web:' . $hash, 86400, function () use ($content) {
|
||||
return HtmlNonceApplicator::prepare($content);
|
||||
});
|
||||
|
||||
return HtmlNonceApplicator::apply($html, $this->cspService->getNonce());
|
||||
}
|
||||
|
||||
@ -47,8 +48,9 @@ class CustomHtmlHeadContentProvider
|
||||
{
|
||||
$content = $this->getSourceContent();
|
||||
$hash = md5($content);
|
||||
return $this->cache->remember('custom-head-export:' . $hash, 86400, function() use ($content) {
|
||||
return HtmlContentFilter::removeScripts($content);
|
||||
|
||||
return $this->cache->remember('custom-head-export:' . $hash, 86400, function () use ($content) {
|
||||
return HtmlContentFilter::removeScripts($content);
|
||||
});
|
||||
}
|
||||
|
||||
@ -59,5 +61,4 @@ class CustomHtmlHeadContentProvider
|
||||
{
|
||||
return setting('app-custom-head', '');
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -90,7 +90,7 @@ class CspService
|
||||
protected function getAllowedIframeHosts(): array
|
||||
{
|
||||
$hosts = config('app.iframe_hosts', '');
|
||||
|
||||
return array_filter(explode(' ', $hosts));
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -70,6 +70,7 @@ class HtmlContentFilter
|
||||
{
|
||||
$value = strtolower($value);
|
||||
$upperVal = strtoupper($value);
|
||||
|
||||
return 'contains(translate(' . $property . ', \'' . $upperVal . '\', \'' . $value . '\'), \'' . $value . '\')';
|
||||
}
|
||||
|
||||
|
@ -38,7 +38,7 @@ class HtmlNonceApplicator
|
||||
$returnHtml = '';
|
||||
$topElems = $doc->documentElement->childNodes->item(0)->childNodes;
|
||||
foreach ($topElems as $child) {
|
||||
$content = $doc->saveHTML($child);
|
||||
$content = $doc->saveHTML($child);
|
||||
$returnHtml .= $content;
|
||||
}
|
||||
|
||||
@ -60,5 +60,4 @@ class HtmlNonceApplicator
|
||||
$node->setAttribute('nonce', $attrValue);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -309,7 +309,7 @@ class PageContentTest extends TestCase
|
||||
{
|
||||
$checks = [
|
||||
'<svg id="test" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="100" height="100"><a xlink:href="javascript:alert(document.domain)"><rect x="0" y="0" width="100" height="100" /></a></svg>',
|
||||
'<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><use xlink:href="data:application/xml;base64 ,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIj4KPGRlZnM+CjxjaXJjbGUgaWQ9InRlc3QiIHI9IjAiIGN4PSIwIiBjeT0iMCIgc3R5bGU9ImZpbGw6ICNGMDAiPgo8c2V0IGF0dHJpYnV0ZU5hbWU9ImZpbGwiIGF0dHJpYnV0ZVR5cGU9IkNTUyIgb25iZWdpbj0nYWxlcnQoZG9jdW1lbnQuZG9tYWluKScKb25lbmQ9J2FsZXJ0KCJvbmVuZCIpJyB0bz0iIzAwRiIgYmVnaW49IjBzIiBkdXI9Ijk5OXMiIC8+CjwvY2lyY2xlPgo8L2RlZnM+Cjx1c2UgeGxpbms6aHJlZj0iI3Rlc3QiLz4KPC9zdmc+#test"/></svg>'
|
||||
'<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><use xlink:href="data:application/xml;base64 ,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIj4KPGRlZnM+CjxjaXJjbGUgaWQ9InRlc3QiIHI9IjAiIGN4PSIwIiBjeT0iMCIgc3R5bGU9ImZpbGw6ICNGMDAiPgo8c2V0IGF0dHJpYnV0ZU5hbWU9ImZpbGwiIGF0dHJpYnV0ZVR5cGU9IkNTUyIgb25iZWdpbj0nYWxlcnQoZG9jdW1lbnQuZG9tYWluKScKb25lbmQ9J2FsZXJ0KCJvbmVuZCIpJyB0bz0iIzAwRiIgYmVnaW49IjBzIiBkdXI9Ijk5OXMiIC8+CjwvY2lyY2xlPgo8L2RlZnM+Cjx1c2UgeGxpbms6aHJlZj0iI3Rlc3QiLz4KPC9zdmc+#test"/></svg>',
|
||||
];
|
||||
|
||||
$this->asEditor();
|
||||
|
@ -125,6 +125,7 @@ class SecurityHeaderTest extends TestCase
|
||||
protected function getCspHeader(TestResponse $resp, string $type): string
|
||||
{
|
||||
$cspHeaders = collect($resp->headers->all('Content-Security-Policy'));
|
||||
|
||||
return $cspHeaders->filter(function ($val) use ($type) {
|
||||
return strpos($val, $type) === 0;
|
||||
})->first() ?? '';
|
||||
|
@ -6,7 +6,6 @@ use Tests\TestCase;
|
||||
|
||||
class CustomHeadContentTest extends TestCase
|
||||
{
|
||||
|
||||
public function test_configured_content_shows_on_pages()
|
||||
{
|
||||
$this->setSettings(['app-custom-head' => '<script>console.log("cat");</script>']);
|
||||
@ -27,4 +26,4 @@ class CustomHeadContentTest extends TestCase
|
||||
$resp = $this->get('/login');
|
||||
$resp->assertSee('<div id="hello">cat</div>');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -1,4 +1,6 @@
|
||||
<?php namespace Tests\Settings;
|
||||
<?php
|
||||
|
||||
namespace Tests\Settings;
|
||||
|
||||
use Tests\TestCase;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user