gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-05-16 22:51:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'seeddms-5.1.x' into seeddms-6.0.x

Browse Source
This commit is contained in:
Uwe Steinmann 2020-03-18 18:17:33 +01:00
commit 2c53286943
2 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
styles/bootstrap/application.css
View File

@ -13,6 +13,12 @@ img.mimeicon {
background-color: white; background-color: white;
} }
span.list-details {
font-size: 85%;
font-style: italic;
color: #666;
}
.list-action a { .list-action a {
text-decoration: none; text-decoration: none;
color: #333; color: #333;

9
views/bootstrap/class.Bootstrap.php
View File

@ -57,12 +57,17 @@ class SeedDMS_Bootstrap_Style extends SeedDMS_View_Common {
* Content-Security-Policy since version 23+ * Content-Security-Policy since version 23+
* 'worker-src blob:' is needed for cytoscape * 'worker-src blob:' is needed for cytoscape
*/ */
$csp_rules = "script-src 'self' 'unsafe-eval'; worker-src blob:;"; // style-src 'self';"; $csp_rules = "script-src 'self' 'unsafe-eval';";
$csp_rules .= "worker-src blob:;";
//$csp_rules .= "style-src 'self';";
/* Do not allow to embed myself into frames on foreigns pages */
$csp_rules .= "frame-ancestors 'self';";
foreach (array("X-WebKit-CSP", "X-Content-Security-Policy", "Content-Security-Policy") as $csp) { foreach (array("X-WebKit-CSP", "X-Content-Security-Policy", "Content-Security-Policy") as $csp) {
header($csp . ": " . $csp_rules); header($csp . ": " . $csp_rules);
} }
} }
// header('X-Content-Type-Options: nosniff'); header('X-Content-Type-Options: nosniff');
header('Strict-Transport-Security: max-age=15768000');
if($httpheader) { if($httpheader) {
foreach($httpheader as $name=>$value) { foreach($httpheader as $name=>$value) {
header($name . ": " . $value); header($name . ": " . $value);