
bug fixes and csp updates

jrivard@gmail.com 6 år sedan
förälder
incheckning
ceb9337c65

+ 1 - 1
server/pom.xml

@@ -322,7 +322,7 @@
         <dependency>
             <groupId>com.github.ziplet</groupId>
             <artifactId>ziplet</artifactId>
-            <version>2.3.0</version>
+            <version>2.4.1</version>
             <exclusions>
                 <exclusion>
                     <groupId>com.google.googlejavaformat</groupId>

+ 4 - 4
server/src/main/java/password/pwm/config/stored/StoredConfigurationImpl.java

@@ -246,13 +246,13 @@ public class StoredConfigurationImpl implements StoredConfiguration
             // remove existing element
             {
                 final XmlElement propertyElement  = xmlHelper.xpathForConfigProperty( propertyName );
-                propertyElement.detach();
+                if ( propertyElement != null )
+                {
+                    propertyElement.detach();
+                }
             }
 
             // add new property
-            {
-
-            }
             final XmlElement propertyElement = xmlHelper.getXmlFactory().newElement( XML_ELEMENT_PROPERTY );
             propertyElement.setAttribute( XML_ATTRIBUTE_KEY, propertyName.getKey() );
             propertyElement.addText( value );
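Review bot: Two different locals in this method now carry the name `propertyElement` — the one looked up and null-guarded inside the braced "remove existing element" block, and the freshly created one on the line right after it — which makes the guarded `detach()` easy to misread as acting on the new element. Renaming the first, e.g. `final XmlElement existingElement = xmlHelper.xpathForConfigProperty( propertyName );` followed by `if ( existingElement != null ) { existingElement.detach(); }`, keeps the intent obvious; the null check itself is the right fix, assuming `xpathForConfigProperty` returns null when the property is absent, which this hunk does not show. With the empty braces removed, the `// add new property` comment now heads an unbraced run of statements, so `// add new property (replaces any element detached above)` would read better. The enclosing method starts before and ends after this hunk.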

+ 1 - 2
server/src/main/resources/password/pwm/config/PwmSetting.xml

@@ -1627,8 +1627,7 @@
     </setting>
     <setting hidden="false" key="security.cspHeader" level="2">
         <default>
-            <!--<value><![CDATA[]]></value>-->
-            <value><![CDATA[default-src 'self'; object-src 'none'; img-src 'self' data:; style-src 'self'; script-src https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'self' 'nonce-%NONCE%' ; frame-src https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; report-uri /sspr/public/command/cspReport]]></value>
+            <value><![CDATA[default-src 'self'; object-src 'none'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'self' 'unsafe-eval' 'nonce-%NONCE%'; frame-src https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; report-uri /sspr/public/command/cspReport]]></value>
         </default>
     </setting>
     <setting hidden="false" key="email.adminAlert.toAddress" level="1">
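Review bot: The new default for `security.cspHeader` adds `'unsafe-eval'` to script-src and `'unsafe-inline'` to style-src, which weakens the policy: `'unsafe-eval'` re-enables `eval`/`new Function` for every script the policy already permits, so the nonce no longer bounds what an injected fragment can do, and nothing in the commit records why either directive is needed. The same commit sets dojo's `csp-restrictions` flag to `true` in footer.jsp, which presumably exists so dojo can run without eval, so it is not clear from the diff which component still requires it. An XML comment above the `<value>` naming the consumer behind each relaxation, e.g. `<!-- 'unsafe-eval' is required by [component — fill in]; 'unsafe-inline' on style-src is required by [component — fill in]; remove when no longer needed -->`, would let a later hardening pass drop them safely. The `report-uri` endpoint is retained, so violations remain observable when a stricter value is trialled.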

+ 1 - 1
webapp/src/main/webapp/WEB-INF/jsp/fragment/footer.jsp

@@ -68,7 +68,7 @@
 </pwm:if>
 <pwm:script>
     <script type="text/javascript">
-        var dojoConfig = { has: { "csp-restrictions":false }, async:true }
+        var dojoConfig = { has: { "csp-restrictions":true }, async:true}
     </script>
 </pwm:script>
 <pwm:if test="<%=PwmIfTest.hasCustomJavascript%>">

+ 1 - 1
webapp/src/main/webapp/WEB-INF/jsp/fragment/ldap-selector.jsp

@@ -65,7 +65,7 @@
     </select>
 </div>
 <% } %>
-<div style="display: <%=showContextSelector?"inherit":"none"%>" id="contextSelectorWrapper">
+<div <%=showContextSelector?"":"class=\"display-none\" "%>" id="contextSelectorWrapper">
     <h2 class="loginFieldLabel"><label for="<%=PwmConstants.PARAM_CONTEXT%>"><pwm:display key="Field_Location"/></label></h2>
     <div class="formFieldWrapper">
         <select name="<%=PwmConstants.PARAM_CONTEXT%>" id="<%=PwmConstants.PARAM_CONTEXT%>" class="selectfield" title="<pwm:display key="Field_Location"/>">
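Review bot: The rewritten `<div>` keeps a stray `"` between the scriptlet and `id=`: when `showContextSelector` is true the line renders `<div " id="contextSelectorWrapper">`, otherwise `<div class="display-none" " id="contextSelectorWrapper">`, and browsers will treat that quote as a junk attribute. It was the closing quote of the removed `style` attribute and should go: `<div <%=showContextSelector?"":"class=\"display-none\" "%>id="contextSelectorWrapper">`. This also assumes a `.display-none` rule exists in the stylesheet, which the diff does not show.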

+ 2 - 2
webapp/src/main/webapp/WEB-INF/jsp/fragment/message.jsp

@@ -35,7 +35,7 @@
     <span id="errorCode" style="display: none"><%=requestError.getError().getErrorCode()%></span>
     <span id="errorName" style="display: none"><%=requestError.getError().toString()%></span>
 <% } else { %>
-    <span style="display:none" id="message" class="message">&nbsp;</span>
+    <span id="message" class="message display-none">&nbsp;</span>
 <% } %>
-    <div id="capslockwarning" style="display:none;"><pwm:display key="Display_CapsLockIsOn"/></div>
+    <div id="capslockwarning" class="display-none"><pwm:display key="Display_CapsLockIsOn"/></div>
 </div>
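Review bot: The `errorCode` and `errorName` spans on the context lines at the top of this hunk still use `style="display: none"` while the `message` span and the `capslockwarning` div in the same hunk are moved to the `display-none` class, so the fragment now mixes both mechanisms. If the migration is meant to let style-src eventually drop `'unsafe-inline'`, those two lines need the same change, e.g. `<span id="errorCode" class="display-none"><%=requestError.getError().getErrorCode()%></span>`. Any script that toggles `#message` or `#capslockwarning` by assigning `style.display` would now fight the class; I can only see the caps-lock handler updated in this commit, so the others are worth checking.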

+ 7 - 7
webapp/src/main/webapp/public/resources/js/main.js

@@ -474,19 +474,19 @@ PWM_MAIN.checkForCapsLock = function(e) {
 
         if(dojo.isIE){
             if (capsLockKeyDetected) {
-                capsLockWarningElement.style.display = 'block';
+                PWM_MAIN.removeCssClass('capslockwarning','display-none');
                 PWM_GLOBAL['lastCapsLockErrorTime'] = (new Date().getTime());
                 setTimeout(function(){
                     if ((new Date().getTime() - PWM_GLOBAL['lastCapsLockErrorTime'] > displayDuration)) {
-                        capsLockWarningElement.style.display = 'none';
+                        PWM_MAIN.addCssClass('capslockwarning','display-none');
                     }
                 },displayDuration + 500);
             } else {
-                capsLockWarningElement.style.display = 'none';
+                PWM_MAIN.addCssClass('capslockwarning','display-none');
             }
         } else {
             if (capsLockKeyDetected) {
-                capsLockWarningElement.style.display = null;
+                PWM_MAIN.removeCssClass('capslockwarning','display-none');
                 fx.fadeIn(fadeInArgs).play();
                 PWM_GLOBAL['lastCapsLockErrorTime'] = (new Date().getTime());
                 setTimeout(function(){
@@ -494,7 +494,7 @@ PWM_MAIN.checkForCapsLock = function(e) {
                         dojo.fadeOut(fadeOutArgs).play();
                         setTimeout(function(){
                             if ((new Date().getTime() - PWM_GLOBAL['lastCapsLockErrorTime'] > displayDuration)) {
-                                capsLockWarningElement.style.display = 'none';
+                                PWM_MAIN.addCssClass('capslockwarning','display-none');
                             }
                         },5 * 1000);
                     }
@@ -1392,10 +1392,10 @@ PWM_MAIN.updateLoginContexts = function() {
         var selectedProfile = ldapProfileElement.options[ldapProfileElement.selectedIndex].value;
         var contextList = PWM_GLOBAL['ldapProfiles'][selectedProfile];
         if (PWM_MAIN.JSLibrary.isEmpty(contextList)) {
-            PWM_MAIN.getObject('contextSelectorWrapper').style.display = 'none';
+            PWM_MAIN.addCssClass( 'contentSelectorWrapper', 'display-none' );
         } else {
             contextElement.innerHTML = '';
-            PWM_MAIN.getObject('contextSelectorWrapper').style.display = 'inherit';
+            PWM_MAIN.removeCssClass( 'contentSelectorWrapper', 'display-none' );
             for (var iter in contextList) {
                 (function (key) {
                     var display = contextList[key];
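Review bot: The element id in the `updateLoginContexts` hunk is misspelled: `PWM_MAIN.addCssClass( 'contentSelectorWrapper', 'display-none' );` and the matching `removeCssClass` call target `contentSelectorWrapper`, but the element rendered by ldap-selector.jsp and the lines being replaced use `contextSelectorWrapper`, so the wrapper will no longer be hidden or shown at all. Both calls should read `'contextSelectorWrapper'`. In the two `checkForCapsLock` hunks, `capsLockWarningElement` is no longer referenced on any changed line; if its declaration earlier in the function (outside the hunk) has no remaining use, it is now dead and can be dropped. `updateLoginContexts` continues past the end of the hunk.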