mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
Fix CSP not propagated in default handler. (#915)
Also: - not hide the CSP header in the dist version of suites. - Fix CSP errors due to FontAwesome loading stylesheets dynamically.
This commit is contained in:
parent
ca4a890fb2
commit
29325ab273
|
@ -3,7 +3,6 @@ package server
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
"path"
|
|
||||||
|
|
||||||
duoapi "github.com/duosecurity/duo_api_golang"
|
duoapi "github.com/duosecurity/duo_api_golang"
|
||||||
"github.com/fasthttp/router"
|
"github.com/fasthttp/router"
|
||||||
|
@ -112,9 +111,7 @@ func StartServer(configuration schema.Configuration, providers middlewares.Provi
|
||||||
router.GET("/debug/vars", expvarhandler.ExpvarHandler)
|
router.GET("/debug/vars", expvarhandler.ExpvarHandler)
|
||||||
}
|
}
|
||||||
|
|
||||||
router.NotFound = func(ctx *fasthttp.RequestCtx) {
|
router.NotFound = ServeIndex(publicDir)
|
||||||
ctx.SendFile(path.Join(publicDir, "index.html"))
|
|
||||||
}
|
|
||||||
|
|
||||||
server := &fasthttp.Server{
|
server := &fasthttp.Server{
|
||||||
Handler: middlewares.LogRequestMiddleware(router.Handler),
|
Handler: middlewares.LogRequestMiddleware(router.Handler),
|
||||||
|
|
|
@ -13,10 +13,6 @@ http {
|
||||||
set $backend_endpoint https://authelia-backend:9091;
|
set $backend_endpoint https://authelia-backend:9091;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
# We don't want to apply CSP in dev mode because the frontend is served by CRA
|
|
||||||
# and thus cannot have the nonce injected.
|
|
||||||
proxy_hide_header Content-Security-Policy;
|
|
||||||
|
|
||||||
proxy_set_header Host $http_host;
|
proxy_set_header Host $http_host;
|
||||||
proxy_pass $backend_endpoint;
|
proxy_pass $backend_endpoint;
|
||||||
}
|
}
|
||||||
|
|
|
@ -20,6 +20,10 @@ import SignOut from './views/LoginPortal/SignOut/SignOut';
|
||||||
import { useConfiguration } from './hooks/Configuration';
|
import { useConfiguration } from './hooks/Configuration';
|
||||||
import Tracker from "./components/Tracker";
|
import Tracker from "./components/Tracker";
|
||||||
import { useTracking } from "./hooks/Tracking";
|
import { useTracking } from "./hooks/Tracking";
|
||||||
|
import '@fortawesome/fontawesome-svg-core/styles.css'
|
||||||
|
import {config as faConfig} from '@fortawesome/fontawesome-svg-core';
|
||||||
|
|
||||||
|
faConfig.autoAddCss = false;
|
||||||
|
|
||||||
const App: React.FC = () => {
|
const App: React.FC = () => {
|
||||||
const [notification, setNotification] = useState(null as Notification | null);
|
const [notification, setNotification] = useState(null as Notification | null);
|
||||||
|
|
Loading…
Reference in New Issue
Block a user