Infra-Mirrors/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-10-01 01:36:00 -04:00
Code Issues Packages Projects Releases Wiki Activity

Applied latest styleci changes

Browse Source
This commit is contained in:
Dan Brown 2021-09-06 22:19:06 +01:00
parent 88c698796b
commit fb80bb5d58
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
10 changed files with 17 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Middleware/ApplyCspRules.php
View File

@ -8,7 +8,6 @@ use Illuminate\Http\Request;
class ApplyCspRules class ApplyCspRules
{ {
/** /**
* @var CspService * @var CspService
*/ */
@ -43,5 +42,4 @@ class ApplyCspRules
return $response; return $response;
} }
} }

2
app/Providers/AppServiceProvider.php
View File

@ -73,7 +73,7 @@ class AppServiceProvider extends ServiceProvider
return new SocialAuthService($app->make(SocialiteFactory::class), $app->make(LoginService::class)); return new SocialAuthService($app->make(SocialiteFactory::class), $app->make(LoginService::class));
}); });
$this->app->singleton(CspService::class, function($app) { $this->app->singleton(CspService::class, function ($app) {
return new CspService(); return new CspService();
}); });
} }

9
app/Theming/CustomHtmlHeadContentProvider.php
View File

@ -33,9 +33,10 @@ class CustomHtmlHeadContentProvider
{ {
$content = $this->getSourceContent(); $content = $this->getSourceContent();
$hash = md5($content); $hash = md5($content);
$html = $this->cache->remember('custom-head-web:' . $hash, 86400, function() use ($content) { $html = $this->cache->remember('custom-head-web:' . $hash, 86400, function () use ($content) {
return HtmlNonceApplicator::prepare($content); return HtmlNonceApplicator::prepare($content);
}); });
return HtmlNonceApplicator::apply($html, $this->cspService->getNonce()); return HtmlNonceApplicator::apply($html, $this->cspService->getNonce());
} }
@ -47,8 +48,9 @@ class CustomHtmlHeadContentProvider
{ {
$content = $this->getSourceContent(); $content = $this->getSourceContent();
$hash = md5($content); $hash = md5($content);
return $this->cache->remember('custom-head-export:' . $hash, 86400, function() use ($content) {
return HtmlContentFilter::removeScripts($content); return $this->cache->remember('custom-head-export:' . $hash, 86400, function () use ($content) {
return HtmlContentFilter::removeScripts($content);
}); });
} }
@ -59,5 +61,4 @@ class CustomHtmlHeadContentProvider
{ {
return setting('app-custom-head', ''); return setting('app-custom-head', '');
} }
} }

2
app/Util/CspService.php
View File

@ -90,7 +90,7 @@ class CspService
protected function getAllowedIframeHosts(): array protected function getAllowedIframeHosts(): array
{ {
$hosts = config('app.iframe_hosts', ''); $hosts = config('app.iframe_hosts', '');
return array_filter(explode(' ', $hosts)); return array_filter(explode(' ', $hosts));
} }
} }

1
app/Util/HtmlContentFilter.php
View File

@ -70,6 +70,7 @@ class HtmlContentFilter
{ {
$value = strtolower($value); $value = strtolower($value);
$upperVal = strtoupper($value); $upperVal = strtoupper($value);
return 'contains(translate(' . $property . ', \'' . $upperVal . '\', \'' . $value . '\'), \'' . $value . '\')'; return 'contains(translate(' . $property . ', \'' . $upperVal . '\', \'' . $value . '\'), \'' . $value . '\')';
} }

3
app/Util/HtmlNonceApplicator.php
View File

@ -38,7 +38,7 @@ class HtmlNonceApplicator
$returnHtml = ''; $returnHtml = '';
$topElems = $doc->documentElement->childNodes->item(0)->childNodes; $topElems = $doc->documentElement->childNodes->item(0)->childNodes;
foreach ($topElems as $child) { foreach ($topElems as $child) {
$content = $doc->saveHTML($child); $content = $doc->saveHTML($child);
$returnHtml .= $content; $returnHtml .= $content;
} }
@ -60,5 +60,4 @@ class HtmlNonceApplicator
$node->setAttribute('nonce', $attrValue); $node->setAttribute('nonce', $attrValue);
} }
} }
} }

2
tests/Entity/PageContentTest.php
View File

@ -309,7 +309,7 @@ class PageContentTest extends TestCase
{ {
$checks = [ $checks = [
'<svg id="test" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="100" height="100"><a xlink:href="javascript:alert(document.domain)"><rect x="0" y="0" width="100" height="100" /></a></svg>', '<svg id="test" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="100" height="100"><a xlink:href="javascript:alert(document.domain)"><rect x="0" y="0" width="100" height="100" /></a></svg>',
'<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><use xlink:href="data:application/xml;base64 ,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIj4KPGRlZnM+CjxjaXJjbGUgaWQ9InRlc3QiIHI9IjAiIGN4PSIwIiBjeT0iMCIgc3R5bGU9ImZpbGw6ICNGMDAiPgo8c2V0IGF0dHJpYnV0ZU5hbWU9ImZpbGwiIGF0dHJpYnV0ZVR5cGU9IkNTUyIgb25iZWdpbj0nYWxlcnQoZG9jdW1lbnQuZG9tYWluKScKb25lbmQ9J2FsZXJ0KCJvbmVuZCIpJyB0bz0iIzAwRiIgYmVnaW49IjBzIiBkdXI9Ijk5OXMiIC8+CjwvY2lyY2xlPgo8L2RlZnM+Cjx1c2UgeGxpbms6aHJlZj0iI3Rlc3QiLz4KPC9zdmc+#test"/></svg>' '<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><use xlink:href="data:application/xml;base64 ,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIj4KPGRlZnM+CjxjaXJjbGUgaWQ9InRlc3QiIHI9IjAiIGN4PSIwIiBjeT0iMCIgc3R5bGU9ImZpbGw6ICNGMDAiPgo8c2V0IGF0dHJpYnV0ZU5hbWU9ImZpbGwiIGF0dHJpYnV0ZVR5cGU9IkNTUyIgb25iZWdpbj0nYWxlcnQoZG9jdW1lbnQuZG9tYWluKScKb25lbmQ9J2FsZXJ0KCJvbmVuZCIpJyB0bz0iIzAwRiIgYmVnaW49IjBzIiBkdXI9Ijk5OXMiIC8+CjwvY2lyY2xlPgo8L2RlZnM+Cjx1c2UgeGxpbms6aHJlZj0iI3Rlc3QiLz4KPC9zdmc+#test"/></svg>',
]; ];
$this->asEditor(); $this->asEditor();

1
tests/SecurityHeaderTest.php
View File

@ -125,6 +125,7 @@ class SecurityHeaderTest extends TestCase
protected function getCspHeader(TestResponse $resp, string $type): string protected function getCspHeader(TestResponse $resp, string $type): string
{ {
$cspHeaders = collect($resp->headers->all('Content-Security-Policy')); $cspHeaders = collect($resp->headers->all('Content-Security-Policy'));
return $cspHeaders->filter(function ($val) use ($type) { return $cspHeaders->filter(function ($val) use ($type) {
return strpos($val, $type) === 0; return strpos($val, $type) === 0;
})->first() ?? ''; })->first() ?? '';

1
tests/Settings/CustomHeadContentTest.php
View File

@ -6,7 +6,6 @@ use Tests\TestCase;
class CustomHeadContentTest extends TestCase class CustomHeadContentTest extends TestCase
{ {
public function test_configured_content_shows_on_pages() public function test_configured_content_shows_on_pages()
{ {
$this->setSettings(['app-custom-head' => '<script>console.log("cat");</script>']); $this->setSettings(['app-custom-head' => '<script>console.log("cat");</script>']);

4
tests/Settings/FooterLinksTest.php
View File

@ -1,4 +1,6 @@
<?php namespace Tests\Settings; <?php
namespace Tests\Settings;
use Tests\TestCase; use Tests\TestCase;