Commit bed7dd53 authored by Roque's avatar Roque

erp5_officejs_ooffice: update only office apps CSP

parent f451af69
...@@ -397,7 +397,7 @@ ...@@ -397,7 +397,7 @@
</item> </item>
<item> <item>
<key> <string>configuration_content_security_policy</string> </key> <key> <string>configuration_content_security_policy</string> </key>
<value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value> <value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value>
</item> </item>
<item> <item>
<key> <string>configuration_default_view_action_reference</string> </key> <key> <string>configuration_default_view_action_reference</string> </key>
...@@ -716,7 +716,7 @@ ...@@ -716,7 +716,7 @@
</item> </item>
<item> <item>
<key> <string>serial</string> </key> <key> <string>serial</string> </key>
<value> <string>982.59877.61445.307</string> </value> <value> <string>997.11692.64394.25207</string> </value>
</item> </item>
<item> <item>
<key> <string>state</string> </key> <key> <string>state</string> </key>
...@@ -734,7 +734,7 @@ ...@@ -734,7 +734,7 @@
</tuple> </tuple>
<state> <state>
<tuple> <tuple>
<float>1587472042.87</float> <float>1640886599.8</float>
<string>UTC</string> <string>UTC</string>
</tuple> </tuple>
</state> </state>
......
...@@ -367,7 +367,7 @@ ...@@ -367,7 +367,7 @@
</item> </item>
<item> <item>
<key> <string>configuration_content_security_policy</string> </key> <key> <string>configuration_content_security_policy</string> </key>
<value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value> <value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value>
  • This commit added a non-ASCII space:

    00003c40  6f 6d 20 2a 2e 65 72 70  35 2e 6e 65 74 c2 a0 2a  |om *.erp5.net..*|

    0x20 is an ascii-compatible space, but 0xc2 0xa0 is an utf-8 encoded non-breakable space.

    This non-ASCII space caused erp5_officejs_ui_test:testFunctionalOfficeJSoOoSpreadsheet testOnlyfficeSpreadsheetBadDocumentState to fail.

    I have pushed a fix: d541f755 .

  • ...in my hurry, I completely missed that this commit did the same thing in all other files. So I fixed them in a second commit: b517ca10 .

  • Thank you @vpelletier, I think that at the time of the change I copied the url from another place (maybe from a gitlab repo) and I introduced a non-ASCII space. I'll keep this in mind for future changes.

Please register or sign in to reply
</item> </item>
<item> <item>
<key> <string>configuration_default_jio_document_page_gadget_url</string> </key> <key> <string>configuration_default_jio_document_page_gadget_url</string> </key>
...@@ -678,7 +678,7 @@ WebSection_getOOfficePresentationEditorPrecacheManifestList</string> </value> ...@@ -678,7 +678,7 @@ WebSection_getOOfficePresentationEditorPrecacheManifestList</string> </value>
</item> </item>
<item> <item>
<key> <string>serial</string> </key> <key> <string>serial</string> </key>
<value> <string>983.23018.54274.53111</string> </value> <value> <string>997.11692.64394.25207</string> </value>
</item> </item>
<item> <item>
<key> <string>state</string> </key> <key> <string>state</string> </key>
...@@ -696,7 +696,7 @@ WebSection_getOOfficePresentationEditorPrecacheManifestList</string> </value> ...@@ -696,7 +696,7 @@ WebSection_getOOfficePresentationEditorPrecacheManifestList</string> </value>
</tuple> </tuple>
<state> <state>
<tuple> <tuple>
<float>1587729710.65</float> <float>1640886629.59</float>
<string>UTC</string> <string>UTC</string>
</tuple> </tuple>
</state> </state>
......
...@@ -397,7 +397,7 @@ ...@@ -397,7 +397,7 @@
</item> </item>
<item> <item>
<key> <string>configuration_content_security_policy</string> </key> <key> <string>configuration_content_security_policy</string> </key>
<value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value> <value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value>
</item> </item>
<item> <item>
<key> <string>configuration_default_view_action_reference</string> </key> <key> <string>configuration_default_view_action_reference</string> </key>
...@@ -716,7 +716,7 @@ ...@@ -716,7 +716,7 @@
</item> </item>
<item> <item>
<key> <string>serial</string> </key> <key> <string>serial</string> </key>
<value> <string>982.59877.62089.32341</string> </value> <value> <string>997.11692.64394.25207</string> </value>
</item> </item>
<item> <item>
<key> <string>state</string> </key> <key> <string>state</string> </key>
...@@ -734,7 +734,7 @@ ...@@ -734,7 +734,7 @@
</tuple> </tuple>
<state> <state>
<tuple> <tuple>
<float>1587472040.74</float> <float>1640886604.51</float>
<string>UTC</string> <string>UTC</string>
</tuple> </tuple>
</state> </state>
......
...@@ -395,7 +395,7 @@ ...@@ -395,7 +395,7 @@
</item> </item>
<item> <item>
<key> <string>configuration_content_security_policy</string> </key> <key> <string>configuration_content_security_policy</string> </key>
<value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value> <value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value>
</item> </item>
<item> <item>
<key> <string>configuration_default_jio_document_page_gadget_url</string> </key> <key> <string>configuration_default_jio_document_page_gadget_url</string> </key>
...@@ -734,7 +734,7 @@ WebSection_getOOfficeSpreadsheetEditorPrecacheManifestList</string> </value> ...@@ -734,7 +734,7 @@ WebSection_getOOfficeSpreadsheetEditorPrecacheManifestList</string> </value>
</item> </item>
<item> <item>
<key> <string>serial</string> </key> <key> <string>serial</string> </key>
<value> <string>983.23018.50323.27528</string> </value> <value> <string>997.11692.64394.25207</string> </value>
</item> </item>
<item> <item>
<key> <string>state</string> </key> <key> <string>state</string> </key>
...@@ -752,7 +752,7 @@ WebSection_getOOfficeSpreadsheetEditorPrecacheManifestList</string> </value> ...@@ -752,7 +752,7 @@ WebSection_getOOfficeSpreadsheetEditorPrecacheManifestList</string> </value>
</tuple> </tuple>
<state> <state>
<tuple> <tuple>
<float>1587729712.71</float> <float>1640886636.1</float>
<string>UTC</string> <string>UTC</string>
</tuple> </tuple>
</state> </state>
......
...@@ -397,7 +397,7 @@ ...@@ -397,7 +397,7 @@
</item> </item>
<item> <item>
<key> <string>configuration_content_security_policy</string> </key> <key> <string>configuration_content_security_policy</string> </key>
<value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value> <value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value>
</item> </item>
<item> <item>
<key> <string>configuration_default_view_action_reference</string> </key> <key> <string>configuration_default_view_action_reference</string> </key>
...@@ -710,7 +710,7 @@ ...@@ -710,7 +710,7 @@
</item> </item>
<item> <item>
<key> <string>serial</string> </key> <key> <string>serial</string> </key>
<value> <string>982.59878.3068.53913</string> </value> <value> <string>997.11692.64394.25207</string> </value>
</item> </item>
<item> <item>
<key> <string>state</string> </key> <key> <string>state</string> </key>
...@@ -728,7 +728,7 @@ ...@@ -728,7 +728,7 @@
</tuple> </tuple>
<state> <state>
<tuple> <tuple>
<float>1587472038.4</float> <float>1640886593.14</float>
<string>UTC</string> <string>UTC</string>
</tuple> </tuple>
</state> </state>
......
...@@ -367,7 +367,7 @@ ...@@ -367,7 +367,7 @@
</item> </item>
<item> <item>
<key> <string>configuration_content_security_policy</string> </key> <key> <string>configuration_content_security_policy</string> </key>
<value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value> <value> <string>default-src \'self\'; img-src \'self\' data:; media-src \'self\' blob:; connect-src \'self\' https://content.dropboxapi.com https://api.dropboxapi.com mail.tiolive.com data: *.host.vifib.net *.node.vifib.com *.erp5.net *.nexedi.net https://netdna.bootstrapcdn.com; script-src \'self\' \'unsafe-eval\' \'unsafe-inline\'; font-src \'self\' netdna.bootstrapcdn.com; style-src \'self\' netdna.bootstrapcdn.com \'unsafe-inline\' data:; frame-src \'self\' data:</string> </value>
</item> </item>
<item> <item>
<key> <string>configuration_default_jio_document_page_gadget_url</string> </key> <key> <string>configuration_default_jio_document_page_gadget_url</string> </key>
...@@ -678,7 +678,7 @@ WebSection_getOOfficeTextEditorPrecacheManifestList</string> </value> ...@@ -678,7 +678,7 @@ WebSection_getOOfficeTextEditorPrecacheManifestList</string> </value>
</item> </item>
<item> <item>
<key> <string>serial</string> </key> <key> <string>serial</string> </key>
<value> <string>983.23018.46843.52872</string> </value> <value> <string>997.11692.64394.25207</string> </value>
</item> </item>
<item> <item>
<key> <string>state</string> </key> <key> <string>state</string> </key>
...@@ -696,7 +696,7 @@ WebSection_getOOfficeTextEditorPrecacheManifestList</string> </value> ...@@ -696,7 +696,7 @@ WebSection_getOOfficeTextEditorPrecacheManifestList</string> </value>
</tuple> </tuple>
<state> <state>
<tuple> <tuple>
<float>1587729715.32</float> <float>1640886625.31</float>
<string>UTC</string> <string>UTC</string>
</tuple> </tuple>
</state> </state>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment