BUGFIX: implemented CSP

This commit is contained in:
Jeroen De Meerleer 2022-02-01 14:29:19 +01:00
parent 21f1d180ad
commit ce1a22a6a9
Signed by: JeroenED
GPG Key ID: 28CCCB8F62BFADD6
4 changed files with 18 additions and 22 deletions

View File

@ -5,9 +5,18 @@ document.addEventListener("readystatechange", event => {
if(event.target.readyState === 'complete') {
initDeleteButtons();
initRunNowButtons();
initTags();
}
});
function initTags() {
document.querySelectorAll('.tag').forEach(elem => {
let backcolor = elem.dataset.backgroundColor;
let frontcolor = elem.dataset.color;
elem.style.backgroundColor = backcolor;
elem.style.color = frontcolor;
})
}
function initDeleteButtons() {
document.querySelectorAll('.delete-btn').forEach(elem => elem.addEventListener("click", event => {
let me = event.currentTarget;

View File

@ -7,26 +7,10 @@ document.addEventListener("readystatechange", event => {
});
function initTags() {
var tags = JSON.parse(localStorage.getItem('tags')) ?? new Object();
var collected = Object.keys(tags);
document.querySelectorAll('.job-name').forEach(elem => {
let matches = elem.textContent.matchAll(/\[([A-Za-z0-9 \-]+)\]/g)
for (const tag of matches) {
if (typeof tag != 'undefined') {
if(collected.indexOf(tag[1]) == -1) {
let color = '#'+tag[1].hashCode().toString(16).substr(1,6)// ; (0x1000000+Math.random()*0xffffff).toString(16).substr(1,6)
collected.push(tag[1]);
tags[tag[1]] = color;
}
let tagcolor = tags[tag[1]];
let newelem = document.createElement('span')
newelem.classList.add('tag');
newelem.innerHTML = tag[1];
newelem.style.backgroundColor = tagcolor;
newelem.style.color = Utils.lightOrDark(tagcolor) == 'dark' ? '#ffffff' : '#000000';
elem.innerHTML = elem.innerHTML.replace(tag[0], newelem.outerHTML);
}
}
document.querySelectorAll('.tag').forEach(elem => {
let backcolor = elem.dataset.backgroundColor;
let frontcolor = elem.dataset.color;
elem.style.backgroundColor = backcolor;
elem.style.color = frontcolor;
})
localStorage.setItem('tags', JSON.stringify(tags));
}

View File

@ -33,6 +33,9 @@ class Router
$response = $controllerObj->$action(...$method);
if ($response instanceof Response) {
$response->headers->add([
"Content-Security-Policy" => "default-src 'none'; font-src 'self'; style-src 'self'; script-src 'self'; img-src 'self' data:; form-action 'self'; require-trusted-types-for 'script'"
]);
return $response;
} else {
throw new InvalidArgumentException();

View File

@ -80,7 +80,7 @@ class Twig
foreach ($results[0] as $key=>$result) {
$background = substr(md5($results[0][$key]), 0, 6);
$color = $this->lightOrDark($background) == 'dark' ? 'ffffff' : '000000';
$text = str_replace($results[0][$key], '<span class="tag" style="background-color: #' . $background . '; color: #' . $color . '">' . $results[1][$key] . '</span>', $text);
$text = str_replace($results[0][$key], '<span class="tag" data-background-color="#' . $background . '" data-color="#' . $color . '">' . $results[1][$key] . '</span>', $text);
}
return $text;
});