Commit c49e8adf authored by ale's avatar ale

Allow connections from the logout page CSP

parent 6577b086
Pipeline #917 passed with stages
in 1 minute and 8 seconds
......@@ -125,6 +125,7 @@ var _staticCssSigninCss = []byte(`body {
/* logout page */
.logout-status {
font-weight: bold;
display: none;
}
.logout-status-ok {
background-color: green;
......@@ -146,7 +147,7 @@ func staticCssSigninCss() (*asset, error) {
return nil, err
}
info := bindataFileInfo{name: "static/css/signin.css", size: 992, mode: os.FileMode(436), modTime: time.Unix(1518958548, 0)}
info := bindataFileInfo{name: "static/css/signin.css", size: 1009, mode: os.FileMode(436), modTime: time.Unix(1518963930, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
......@@ -211,11 +212,11 @@ idlogout.logout_service = function(idx, service) {
withCredentials: true
},
success: function() {
$('#status_'+idx).class('logout-status-ok').text('OK');
$('#status_'+idx).addClass('logout-status-ok').text('OK');
console.log('successful logout for ' + service.name);
},
error: function() {
$('#status_'+idx).class('logout-status-error').text('ERROR');
$('#status_'+idx).addClass('logout-status-error').text('ERROR');
console.log('error logging out of ' + service.name);
}
});
......@@ -229,6 +230,7 @@ idlogout.logout = function() {
};
$(function() {
$('.logout-status').show();
idlogout.logout();
});
`)
......@@ -243,7 +245,7 @@ func staticJsLogoutJs() (*asset, error) {
return nil, err
}
info := bindataFileInfo{name: "static/js/logout.js", size: 1015, mode: os.FileMode(436), modTime: time.Unix(1518963191, 0)}
info := bindataFileInfo{name: "static/js/logout.js", size: 1053, mode: os.FileMode(436), modTime: time.Unix(1518963941, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
......@@ -1265,16 +1267,21 @@ var _templatesLogoutHtml = []byte(`{{template "header" .}}
Signing you out from all services...
</p>
<ul>
{{range $i, $svc := .Services}}
<li>
<noscript>
<img src="{{$svc.URL}}">
</noscript>
<div class="logout-status" id="status_{{$i}}">...</div> {{$svc.Name}}
</li>
{{end}}
</ul>
<table><tbody>
{{range $i, $svc := .Services}}
<tr>
<td>
<noscript>
<img src="{{$svc.URL}}">
</noscript>
<div class="logout-status" id="status_{{$i}}">...</div>
</td>
<td>
{{$svc.Name}}
</td>
</tr>
{{end}}
</tbody></table>
<div id="services" data-services="{{.ServicesJSON}}"></div>
......@@ -1313,7 +1320,7 @@ func templatesLogoutHtml() (*asset, error) {
return nil, err
}
info := bindataFileInfo{name: "templates/logout.html", size: 1381, mode: os.FileMode(436), modTime: time.Unix(1518963171, 0)}
info := bindataFileInfo{name: "templates/logout.html", size: 1510, mode: os.FileMode(436), modTime: time.Unix(1518963960, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
......@@ -1325,7 +1332,7 @@ var _templatesPageHtml = []byte(`{{define "header"}}<!DOCTYPE html>
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
{{if .U2FSignRequest}}<meta name="u2f_request" value="{{json .U2FSignRequest}}">{{end}}
<link rel="stylesheet" href="/static/css/bootstrap.min.css" integrity="sha384-/Y6pD6FV/Vv2HJnA6t+vslU6fwYXjCFtcEpHbNJ0lyAFsXTsjBbfaDjzALeQsN6M">
<link rel="stylesheet" href="/static/css/signin.css" integrity="sha384-Qj/laxKROb+o3N4XlayJF2LOuybTRxjeOP+DEeYYEwQUiVtNjaMdgnPbN5ffI/Ub">
<link rel="stylesheet" href="/static/css/signin.css" integrity="sha384-9Y3UkAyM3svAuamEoaXIxe+1MqBKJdZtL8S1FZjvE1XqkICDH7DTXNavnFV8Uk2o">
<title>Sign In</title>
</head>
......@@ -1344,7 +1351,7 @@ var _templatesPageHtml = []byte(`{{define "header"}}<!DOCTYPE html>
<script type="text/javascript" src="/static/js/u2f.js" integrity="sha384-vd6lytRvVm189G5gr34wlOvN672vVBceTZqV+lTSeec0DBLc0GlWLyKDHc6mrIZS"></script>
{{end}}
{{if .IncludeLogoutScripts}}
<script type="text/javascript" src="/static/js/logout.js" integrity="sha384-swhUuZtRhByZOwc9Obn/dcrmcTXonO4xFuaIZKU3X8Ge/DSv3b+O4rL0+rjzRiRz"></script>
<script type="text/javascript" src="/static/js/logout.js" integrity="sha384-lFECzouyNyktRdo1mjFpvlIWeKfD3FMASOF5o3AnPqFY1Bmiwpx7qfTSLCmNL8Aj"></script>
{{end}}
</body>
</html>
......@@ -1361,7 +1368,7 @@ func templatesPageHtml() (*asset, error) {
return nil, err
}
info := bindataFileInfo{name: "templates/page.html", size: 1686, mode: os.FileMode(436), modTime: time.Unix(1518963201, 0)}
info := bindataFileInfo{name: "templates/page.html", size: 1686, mode: os.FileMode(436), modTime: time.Unix(1518963980, 0)}
a := &asset{bytes: bytes, info: info}
return a, nil
}
......
......@@ -350,7 +350,7 @@ const contentSecurityPolicy = "default-src 'none'; img-src 'self' data:; script-
// Slightly looser CSP for the logout page: it needs to load remote
// images.
const logoutContentSecurityPolicy = "default-src 'none'; img-src *; script-src 'self'; style-src 'self'; connect-src 'self';"
const logoutContentSecurityPolicy = "default-src 'none'; img-src *; script-src 'self'; style-src 'self'; connect-src *;"
func withDynamicHeaders(h http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
......
......@@ -44,6 +44,7 @@ body {
/* logout page */
.logout-status {
font-weight: bold;
display: none;
}
.logout-status-ok {
background-color: green;
......
......@@ -15,11 +15,11 @@ idlogout.logout_service = function(idx, service) {
withCredentials: true
},
success: function() {
$('#status_'+idx).class('logout-status-ok').text('OK');
$('#status_'+idx).addClass('logout-status-ok').text('OK');
console.log('successful logout for ' + service.name);
},
error: function() {
$('#status_'+idx).class('logout-status-error').text('ERROR');
$('#status_'+idx).addClass('logout-status-error').text('ERROR');
console.log('error logging out of ' + service.name);
}
});
......@@ -33,5 +33,6 @@ idlogout.logout = function() {
};
$(function() {
$('.logout-status').show();
idlogout.logout();
});
......@@ -21,16 +21,21 @@
Signing you out from all services...
</p>
<ul>
{{range $i, $svc := .Services}}
<li>
<noscript>
<img src="{{$svc.URL}}">
</noscript>
<div class="logout-status" id="status_{{$i}}">...</div> {{$svc.Name}}
</li>
{{end}}
</ul>
<table><tbody>
{{range $i, $svc := .Services}}
<tr>
<td>
<noscript>
<img src="{{$svc.URL}}">
</noscript>
<div class="logout-status" id="status_{{$i}}">...</div>
</td>
<td>
{{$svc.Name}}
</td>
</tr>
{{end}}
</tbody></table>
<div id="services" data-services="{{.ServicesJSON}}"></div>
......
......@@ -5,7 +5,7 @@
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
{{if .U2FSignRequest}}<meta name="u2f_request" value="{{json .U2FSignRequest}}">{{end}}
<link rel="stylesheet" href="/static/css/bootstrap.min.css" integrity="sha384-/Y6pD6FV/Vv2HJnA6t+vslU6fwYXjCFtcEpHbNJ0lyAFsXTsjBbfaDjzALeQsN6M">
<link rel="stylesheet" href="/static/css/signin.css" integrity="sha384-Qj/laxKROb+o3N4XlayJF2LOuybTRxjeOP+DEeYYEwQUiVtNjaMdgnPbN5ffI/Ub">
<link rel="stylesheet" href="/static/css/signin.css" integrity="sha384-9Y3UkAyM3svAuamEoaXIxe+1MqBKJdZtL8S1FZjvE1XqkICDH7DTXNavnFV8Uk2o">
<title>Sign In</title>
</head>
......@@ -24,7 +24,7 @@
<script type="text/javascript" src="/static/js/u2f.js" integrity="sha384-vd6lytRvVm189G5gr34wlOvN672vVBceTZqV+lTSeec0DBLc0GlWLyKDHc6mrIZS"></script>
{{end}}
{{if .IncludeLogoutScripts}}
<script type="text/javascript" src="/static/js/logout.js" integrity="sha384-swhUuZtRhByZOwc9Obn/dcrmcTXonO4xFuaIZKU3X8Ge/DSv3b+O4rL0+rjzRiRz"></script>
<script type="text/javascript" src="/static/js/logout.js" integrity="sha384-lFECzouyNyktRdo1mjFpvlIWeKfD3FMASOF5o3AnPqFY1Bmiwpx7qfTSLCmNL8Aj"></script>
{{end}}
</body>
</html>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment