mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
b12d9d405f
CSP is used to avoid some attacks where the hacker tries to execute untrusted code in the browser. The policy is to use assets hosted on the the original website and in order to make CSP work with material UI, a nonce is generated at each request of index.html and injected in the template as well as provided in the Content-Security-Policy header (https://material-ui.com/styles/advanced/#how-does-one-implement-csp) Fix #815
17 lines
462 B
Bash
Executable File
17 lines
462 B
Bash
Executable File
#!/bin/sh
|
|
|
|
set -x
|
|
|
|
echo "Use hot reloaded version of Authelia backend"
|
|
go get github.com/cespare/reflex
|
|
|
|
# Fake index.html because Authelia reads it as a template at startup to inject nonces.
|
|
# This prevents a crash of Authelia in dev mode.
|
|
mkdir -p /tmp/authelia-web
|
|
touch /tmp/authelia-web/index.html
|
|
|
|
# Sleep 10 seconds to wait the end of npm install updating web directory
|
|
# and making reflex reload multiple times.
|
|
sleep 10
|
|
|
|
reflex -c /resources/reflex.conf |