diff options
Diffstat (limited to 'src/assets')
| -rw-r--r-- | src/assets/javascripts/services.js | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/src/assets/javascripts/services.js b/src/assets/javascripts/services.js index 0b157065..6aeeff7c 100644 --- a/src/assets/javascripts/services.js +++ b/src/assets/javascripts/services.js @@ -742,6 +742,44 @@ function processUpdate() { })
}
+// For websites that have a strict policy that would not normally allow these frontends to be embedded within the website.
+function modifyContentSecurityPolicy(details) {
+ let isChanged = false
+ if (details.type == "main_frame") {
+ for (const header in details.responseHeaders) {
+ if (details.responseHeaders[header].name == "content-security-policy") {
+ let instancesList = []
+ for (const service in config.services) {
+ if (config.services[service].embeddable) {
+ for (const frontend in config.services[service].frontends) {
+ if (config.services[service].frontends[frontend].embeddable) {
+ for (const network in config.networks) {
+ instancesList.push(...options[frontend][network].enabled, ...options[frontend][network].custom)
+ }
+ }
+ }
+ }
+ }
+ let securityPolicyList = details.responseHeaders[header].value.split(";")
+ for (const i in securityPolicyList) securityPolicyList[i] = securityPolicyList[i].trim()
+ let newSecurity = ""
+ for (const item of securityPolicyList) {
+ if (item.trim() == "") continue
+ let regex = item.match(/([a-z-]{0,}) (.*)/)
+ if (regex == null) continue
+ let [, key, vals] = regex
+ if (key == "frame-src") vals = vals + " " + instancesList.join(" ")
+ newSecurity += key + " " + vals + "; "
+ }
+
+ details.responseHeaders[header].value = newSecurity
+ isChanged = true
+ }
+ }
+ if (isChanged) return { responseHeaders: details.responseHeaders }
+ }
+}
+
export default {
redirect,
computeService,
@@ -752,4 +790,5 @@ export default { initDefaults,
upgradeOptions,
processUpdate,
+ modifyContentSecurityPolicy,
}
|