Allow connections from the logout page CSP

c49e8adf · ale · 6577b086 · c49e8adf · c49e8adf · c49e8adf
Commit c49e8adf authored Feb 18, 2018 by ale
6 changed files
--- a/server/bindata.go
+++ b/server/bindata.go
@@ -125,6 +125,7 @@ var _staticCssSigninCss = []byte(`body {
 /* logout page */
 .logout-status {
  font-weight: bold;
+  display: none;
 }
 .logout-status-ok {
  background-color: green;
@@ -146,7 +147,7 @@ func staticCssSigninCss() (*asset, error) {
 		return nil, err
 	}

-	info := bindataFileInfo{name: "static/css/signin.css", size: 992, mode: os.FileMode(436), modTime: time.Unix(1518958548, 0)}
+	info := bindataFileInfo{name: "static/css/signin.css", size: 1009, mode: os.FileMode(436), modTime: time.Unix(1518963930, 0)}
 	a := &asset{bytes: bytes, info: info}
 	return a, nil
 }
@@ -211,11 +212,11 @@ idlogout.logout_service = function(idx, service) {
            withCredentials: true
        },
        success: function() {
-            $('#status_'+idx).class('logout-status-ok').text('OK');
+            $('#status_'+idx).addClass('logout-status-ok').text('OK');
            console.log('successful logout for ' + service.name);
        },
        error: function() {
-            $('#status_'+idx).class('logout-status-error').text('ERROR');
+            $('#status_'+idx).addClass('logout-status-error').text('ERROR');
            console.log('error logging out of ' + service.name);
        }
    });
@@ -229,6 +230,7 @@ idlogout.logout = function() {
 };

 $(function() {
+    $('.logout-status').show();
    idlogout.logout();
 });
 `)
@@ -243,7 +245,7 @@ func staticJsLogoutJs() (*asset, error) {
 		return nil, err
 	}

-	info := bindataFileInfo{name: "static/js/logout.js", size: 1015, mode: os.FileMode(436), modTime: time.Unix(1518963191, 0)}
+	info := bindataFileInfo{name: "static/js/logout.js", size: 1053, mode: os.FileMode(436), modTime: time.Unix(1518963941, 0)}
 	a := &asset{bytes: bytes, info: info}
 	return a, nil
 }
@@ -1265,16 +1267,21 @@ var _templatesLogoutHtml = []byte(`{{template "header" .}}
        Signing you out from all services...
      </p>

-      <ul>
-        {{range $i, $svc := .Services}}
-        <li>
-          <noscript>
-            <img src="{{$svc.URL}}">
-          </noscript>
-          <div class="logout-status" id="status_{{$i}}">...</div> {{$svc.Name}}
-        </li>
-        {{end}}
-      </ul>
+      <table><tbody>
+          {{range $i, $svc := .Services}}
+          <tr>
+            <td>
+              <noscript>
+                <img src="{{$svc.URL}}">
+              </noscript>
+              <div class="logout-status" id="status_{{$i}}">...</div>
+            </td>
+            <td>
+              {{$svc.Name}}
+            </td>
+          </tr>
+          {{end}}
+      </tbody></table>

      <div id="services" data-services="{{.ServicesJSON}}"></div>

@@ -1313,7 +1320,7 @@ func templatesLogoutHtml() (*asset, error) {
 		return nil, err
 	}

-	info := bindataFileInfo{name: "templates/logout.html", size: 1381, mode: os.FileMode(436), modTime: time.Unix(1518963171, 0)}
+	info := bindataFileInfo{name: "templates/logout.html", size: 1510, mode: os.FileMode(436), modTime: time.Unix(1518963960, 0)}
 	a := &asset{bytes: bytes, info: info}
 	return a, nil
 }
@@ -1325,7 +1332,7 @@ var _templatesPageHtml = []byte(`{{define "header"}}<!DOCTYPE html>
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    {{if .U2FSignRequest}}<meta name="u2f_request" value="{{json .U2FSignRequest}}">{{end}}
    <link rel="stylesheet" href="/static/css/bootstrap.min.css" integrity="sha384-/Y6pD6FV/Vv2HJnA6t+vslU6fwYXjCFtcEpHbNJ0lyAFsXTsjBbfaDjzALeQsN6M">
-    <link rel="stylesheet" href="/static/css/signin.css" integrity="sha384-Qj/laxKROb+o3N4XlayJF2LOuybTRxjeOP+DEeYYEwQUiVtNjaMdgnPbN5ffI/Ub">
+    <link rel="stylesheet" href="/static/css/signin.css" integrity="sha384-9Y3UkAyM3svAuamEoaXIxe+1MqBKJdZtL8S1FZjvE1XqkICDH7DTXNavnFV8Uk2o">
    <title>Sign In</title>
  </head>

@@ -1344,7 +1351,7 @@ var _templatesPageHtml = []byte(`{{define "header"}}<!DOCTYPE html>
    <script type="text/javascript" src="/static/js/u2f.js" integrity="sha384-vd6lytRvVm189G5gr34wlOvN672vVBceTZqV+lTSeec0DBLc0GlWLyKDHc6mrIZS"></script>
 {{end}}
 {{if .IncludeLogoutScripts}}
-    <script type="text/javascript" src="/static/js/logout.js" integrity="sha384-swhUuZtRhByZOwc9Obn/dcrmcTXonO4xFuaIZKU3X8Ge/DSv3b+O4rL0+rjzRiRz"></script>
+    <script type="text/javascript" src="/static/js/logout.js" integrity="sha384-lFECzouyNyktRdo1mjFpvlIWeKfD3FMASOF5o3AnPqFY1Bmiwpx7qfTSLCmNL8Aj"></script>
 {{end}}
  </body>
 </html>
@@ -1361,7 +1368,7 @@ func templatesPageHtml() (*asset, error) {
 		return nil, err
 	}

-	info := bindataFileInfo{name: "templates/page.html", size: 1686, mode: os.FileMode(436), modTime: time.Unix(1518963201, 0)}
+	info := bindataFileInfo{name: "templates/page.html", size: 1686, mode: os.FileMode(436), modTime: time.Unix(1518963980, 0)}
 	a := &asset{bytes: bytes, info: info}
 	return a, nil
 }

--- a/server/http.go
+++ b/server/http.go
@@ -350,7 +350,7 @@ const contentSecurityPolicy = "default-src 'none'; img-src 'self' data:; script-

 // Slightly looser CSP for the logout page: it needs to load remote
 // images.
-const logoutContentSecurityPolicy = "default-src 'none'; img-src *; script-src 'self'; style-src 'self'; connect-src 'self';"
+const logoutContentSecurityPolicy = "default-src 'none'; img-src *; script-src 'self'; style-src 'self'; connect-src *;"

 func withDynamicHeaders(h http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

--- a/server/static/css/signin.css
+++ b/server/static/css/signin.css
@@ -44,6 +44,7 @@ body {
 /* logout page */
 .logout-status {
  font-weight: bold;
+  display: none;
 }
 .logout-status-ok {
  background-color: green;

--- a/server/static/js/logout.js
+++ b/server/static/js/logout.js
@@ -15,11 +15,11 @@ idlogout.logout_service = function(idx, service) {
            withCredentials: true
        },
        success: function() {
-            $('#status_'+idx).class('logout-status-ok').text('OK');
+            $('#status_'+idx).addClass('logout-status-ok').text('OK');
            console.log('successful logout for ' + service.name);
        },
        error: function() {
-            $('#status_'+idx).class('logout-status-error').text('ERROR');
+            $('#status_'+idx).addClass('logout-status-error').text('ERROR');
            console.log('error logging out of ' + service.name);
        }
    });
@@ -33,5 +33,6 @@ idlogout.logout = function() {
 };

 $(function() {
+    $('.logout-status').show();
    idlogout.logout();
 });
--- a/server/templates/logout.html
+++ b/server/templates/logout.html
@@ -21,16 +21,21 @@
        Signing you out from all services...
      </p>

-      <ul>
-        {{range $i, $svc := .Services}}
-        <li>
-          <noscript>
-            <img src="{{$svc.URL}}">
-          </noscript>
-          <div class="logout-status" id="status_{{$i}}">...</div> {{$svc.Name}}
-        </li>
-        {{end}}
-      </ul>
+      <table><tbody>
+          {{range $i, $svc := .Services}}
+          <tr>
+            <td>
+              <noscript>
+                <img src="{{$svc.URL}}">
+              </noscript>
+              <div class="logout-status" id="status_{{$i}}">...</div>
+            </td>
+            <td>
+              {{$svc.Name}}
+            </td>
+          </tr>
+          {{end}}
+      </tbody></table>

      <div id="services" data-services="{{.ServicesJSON}}"></div>


--- a/server/templates/page.html
+++ b/server/templates/page.html
@@ -5,7 +5,7 @@
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
    {{if .U2FSignRequest}}<meta name="u2f_request" value="{{json .U2FSignRequest}}">{{end}}
    <link rel="stylesheet" href="/static/css/bootstrap.min.css" integrity="sha384-/Y6pD6FV/Vv2HJnA6t+vslU6fwYXjCFtcEpHbNJ0lyAFsXTsjBbfaDjzALeQsN6M">
-    <link rel="stylesheet" href="/static/css/signin.css" integrity="sha384-Qj/laxKROb+o3N4XlayJF2LOuybTRxjeOP+DEeYYEwQUiVtNjaMdgnPbN5ffI/Ub">
+    <link rel="stylesheet" href="/static/css/signin.css" integrity="sha384-9Y3UkAyM3svAuamEoaXIxe+1MqBKJdZtL8S1FZjvE1XqkICDH7DTXNavnFV8Uk2o">
    <title>Sign In</title>
  </head>

@@ -24,7 +24,7 @@
    <script type="text/javascript" src="/static/js/u2f.js" integrity="sha384-vd6lytRvVm189G5gr34wlOvN672vVBceTZqV+lTSeec0DBLc0GlWLyKDHc6mrIZS"></script>
 {{end}}
 {{if .IncludeLogoutScripts}}
-    <script type="text/javascript" src="/static/js/logout.js" integrity="sha384-swhUuZtRhByZOwc9Obn/dcrmcTXonO4xFuaIZKU3X8Ge/DSv3b+O4rL0+rjzRiRz"></script>
+    <script type="text/javascript" src="/static/js/logout.js" integrity="sha384-lFECzouyNyktRdo1mjFpvlIWeKfD3FMASOF5o3AnPqFY1Bmiwpx7qfTSLCmNL8Aj"></script>
 {{end}}
  </body>
 </html>