Applied latest styleci changes

Dan Brown 2021-09-06 22:19:06 +01:00
parent 88c698796b
commit fb80bb5d58
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
10 changed files with 17 additions and 16 deletions


@ -8,7 +8,6 @@ use Illuminate\Http\Request;
class ApplyCspRules
{
/**
* @var CspService
*/
@ -43,5 +42,4 @@ class ApplyCspRules
return $response;
}
}


@ -73,7 +73,7 @@ class AppServiceProvider extends ServiceProvider
return new SocialAuthService($app->make(SocialiteFactory::class), $app->make(LoginService::class));
});
$this->app->singleton(CspService::class, function($app) {
$this->app->singleton(CspService::class, function ($app) {
return new CspService();
});
}


@ -33,9 +33,10 @@ class CustomHtmlHeadContentProvider
{
$content = $this->getSourceContent();
$hash = md5($content);
$html = $this->cache->remember('custom-head-web:' . $hash, 86400, function() use ($content) {
$html = $this->cache->remember('custom-head-web:' . $hash, 86400, function () use ($content) {
return HtmlNonceApplicator::prepare($content);
});
return HtmlNonceApplicator::apply($html, $this->cspService->getNonce());
}
@ -47,8 +48,9 @@ class CustomHtmlHeadContentProvider
{
$content = $this->getSourceContent();
$hash = md5($content);
return $this->cache->remember('custom-head-export:' . $hash, 86400, function() use ($content) {
return HtmlContentFilter::removeScripts($content);
return $this->cache->remember('custom-head-export:' . $hash, 86400, function () use ($content) {
return HtmlContentFilter::removeScripts($content);
});
}
@ -59,5 +61,4 @@ class CustomHtmlHeadContentProvider
{
return setting('app-custom-head', '');
}
}
}


@ -90,7 +90,7 @@ class CspService
protected function getAllowedIframeHosts(): array
{
$hosts = config('app.iframe_hosts', '');
return array_filter(explode(' ', $hosts));
}
}
}


@ -70,6 +70,7 @@ class HtmlContentFilter
{
$value = strtolower($value);
$upperVal = strtoupper($value);
return 'contains(translate(' . $property . ', \'' . $upperVal . '\', \'' . $value . '\'), \'' . $value . '\')';
}


@ -38,7 +38,7 @@ class HtmlNonceApplicator
$returnHtml = '';
$topElems = $doc->documentElement->childNodes->item(0)->childNodes;
foreach ($topElems as $child) {
$content = $doc->saveHTML($child);
$content = $doc->saveHTML($child);
$returnHtml .= $content;
}
@ -60,5 +60,4 @@ class HtmlNonceApplicator
$node->setAttribute('nonce', $attrValue);
}
}
}


@ -309,7 +309,7 @@ class PageContentTest extends TestCase
{
$checks = [
'<svg id="test" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="100" height="100"><a xlink:href="javascript:alert(document.domain)"><rect x="0" y="0" width="100" height="100" /></a></svg>',
'<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><use xlink:href="data:application/xml;base64 ,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIj4KPGRlZnM+CjxjaXJjbGUgaWQ9InRlc3QiIHI9IjAiIGN4PSIwIiBjeT0iMCIgc3R5bGU9ImZpbGw6ICNGMDAiPgo8c2V0IGF0dHJpYnV0ZU5hbWU9ImZpbGwiIGF0dHJpYnV0ZVR5cGU9IkNTUyIgb25iZWdpbj0nYWxlcnQoZG9jdW1lbnQuZG9tYWluKScKb25lbmQ9J2FsZXJ0KCJvbmVuZCIpJyB0bz0iIzAwRiIgYmVnaW49IjBzIiBkdXI9Ijk5OXMiIC8+CjwvY2lyY2xlPgo8L2RlZnM+Cjx1c2UgeGxpbms6aHJlZj0iI3Rlc3QiLz4KPC9zdmc+#test"/></svg>'
'<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><use xlink:href="data:application/xml;base64 ,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIj4KPGRlZnM+CjxjaXJjbGUgaWQ9InRlc3QiIHI9IjAiIGN4PSIwIiBjeT0iMCIgc3R5bGU9ImZpbGw6ICNGMDAiPgo8c2V0IGF0dHJpYnV0ZU5hbWU9ImZpbGwiIGF0dHJpYnV0ZVR5cGU9IkNTUyIgb25iZWdpbj0nYWxlcnQoZG9jdW1lbnQuZG9tYWluKScKb25lbmQ9J2FsZXJ0KCJvbmVuZCIpJyB0bz0iIzAwRiIgYmVnaW49IjBzIiBkdXI9Ijk5OXMiIC8+CjwvY2lyY2xlPgo8L2RlZnM+Cjx1c2UgeGxpbms6aHJlZj0iI3Rlc3QiLz4KPC9zdmc+#test"/></svg>',
];
$this->asEditor();


@ -125,6 +125,7 @@ class SecurityHeaderTest extends TestCase
protected function getCspHeader(TestResponse $resp, string $type): string
{
$cspHeaders = collect($resp->headers->all('Content-Security-Policy'));
return $cspHeaders->filter(function ($val) use ($type) {
return strpos($val, $type) === 0;
})->first() ?? '';


@ -6,7 +6,6 @@ use Tests\TestCase;
class CustomHeadContentTest extends TestCase
{
public function test_configured_content_shows_on_pages()
{
$this->setSettings(['app-custom-head' => '<script>console.log("cat");</script>']);
@ -27,4 +26,4 @@ class CustomHeadContentTest extends TestCase
$resp = $this->get('/login');
$resp->assertSee('<div id="hello">cat</div>');
}
}
}


@ -1,4 +1,6 @@
<?php namespace Tests\Settings;
<?php
namespace Tests\Settings;
use Tests\TestCase;