ai3 / docker / roundcube

Commit 1d507bb9
authored Jun 16, 2019 by godog

Merge branch 'csp_sso_hostname' into 'master'

csp: sso support

See merge request !1

parents d361ece9 5864f17f

Changes 2
plugins/csp/config.inc.php
...
...
@@ -4,3 +4,6 @@
// Set it to the relative URL path of the Roundcube installation.
$config
[
'csp_script_path'
]
=
'/'
;
// If non-empty, the proto + hostname to allow SSO requests,
// e.g. https://sso.domain.org
$config
[
'csp_sso_hostname'
]
=
''
;
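Review bot: The comment on 'csp_sso_hostname' asks for "the proto + hostname", so the option holds an origin, not a hostname, and the name and the comment disagree. Because csp.php places this value into the Content-Security-Policy header as written, the comment should also state the accepted form: exactly one origin such as https://sso.domain.org, with no path, no whitespace and no semicolon. Renaming the option to something like 'csp_sso_origin' would remove the ambiguity.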
plugins/csp/csp.php
...
...
@@ -20,10 +20,16 @@ class csp extends rcube_plugin {
$host
=
$_SERVER
[
'HTTP_HOST'
];
$proto
=
rcube_utils
::
https_check
()
?
'https'
:
'http'
;
$path
=
$rcmail
->
config
->
get
(
'csp_script_path'
,
'/'
);
$src_sso
=
""
;
$sso_hostname
=
$rcmail
->
config
->
get
(
'csp_sso_hostname'
,
''
);
if
(
$sso_hostname
!=
''
)
{
$src_sso
.
=
"
{
$sso_hostname
}
"
;
}
$csp_header
=
(
"default-src 'self'; "
.
"script-src 'self'
{
$proto
}
://
{
$host
}{
$path
}
'unsafe-inline' 'unsafe-eval'; "
.
"style-src 'self' 'unsafe-inline'; object-src 'none'"
);
"default-src 'self'
{
$src_sso
}
; "
.
"script-src 'self'
{
$proto
}
://
{
$host
}{
$path
}
'unsafe-inline' 'unsafe-eval'
{
$src_sso
}
; "
.
"style-src 'self' 'unsafe-inline'
{
$src_sso
}
; "
.
"object-src 'none'"
);
header
(
"Content-Security-Policy:
{
$csp_header
}
"
);
return
$content
;
}
...
...
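Review bot: $sso_hostname reaches the header string unvalidated at the `$src_sso .=` assignment, so a configured value containing a semicolon, whitespace or a line break would change the policy instead of adding one source. Check it against a scheme://host[:port] shape before appending, and leave $src_sso empty when it does not match. Separately, the same origin is appended to default-src, script-src and style-src; script-src already carries 'unsafe-inline' and 'unsafe-eval', and the commit does not say which resource types the SSO flow needs. If it only needs a form post, a frame or an XHR, a narrower directive (form-action, frame-src or connect-src) would cover it without allowing scripts and styles from that origin. Minor: `$src_sso = ""` followed by `.=` can be a plain assignment, and `!== ''` is the stricter comparison.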