[Libreoffice-commits] online.git: common/Crypto.cpp common/Crypto.hpp loleaflet/admin loleaflet/loleaflet.html.m4 wsd/FileServer.cpp wsd/FileServer.hpp
Henry Castro
hcastro at collabora.com
Thu May 24 19:11:24 UTC 2018
common/Crypto.cpp | 10 ++++
common/Crypto.hpp | 7 ++
loleaflet/admin/admin.html | 3 -
loleaflet/admin/adminAnalytics.html | 3 -
loleaflet/admin/adminHistory.html | 4 -
loleaflet/admin/adminSettings.html | 3 -
loleaflet/loleaflet.html.m4 | 4 -
wsd/FileServer.cpp | 86 ++++++++++++++++++++++++++++++++++--
wsd/FileServer.hpp | 2
9 files changed, 111 insertions(+), 11 deletions(-)
New commits:
commit 6ff069db62dc38fa9f37d84789266ac4fdf02ba2
Author: Henry Castro <hcastro at collabora.com>
Date: Wed Apr 25 15:53:38 2018 -0400
respond different logo brands when it has support
Change-Id: Icddc8b67a20fd829c90c3c5d8eb6942da9c5e74d
Reviewed-on: https://gerrit.libreoffice.org/53583
Reviewed-by: Jan Holesovsky <kendy at collabora.com>
Tested-by: Jan Holesovsky <kendy at collabora.com>
diff --git a/common/Crypto.cpp b/common/Crypto.cpp
index 46ba05c0f..7c1d00052 100644
--- a/common/Crypto.cpp
+++ b/common/Crypto.cpp
@@ -127,6 +127,16 @@ int SupportKey::validDaysRemaining()
return days;
}
+DateTime SupportKey::expiry() const
+{
+ return _impl->_expiry;
+}
+
+std::string SupportKey::data() const
+{
+ return _impl->_data;
+}
+
#endif // ENABLE_SUPPORT_KEY
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/common/Crypto.hpp b/common/Crypto.hpp
index 94b194cc2..079a4f742 100644
--- a/common/Crypto.hpp
+++ b/common/Crypto.hpp
@@ -15,6 +15,9 @@
#include <memory>
struct SupportKeyImpl;
+namespace Poco {
+ class DateTime;
+}
class SupportKey {
std::unique_ptr<SupportKeyImpl> _impl;
@@ -28,6 +31,10 @@ public:
/// How many days until key expires
int validDaysRemaining();
+
+ Poco::DateTime expiry() const;
+
+ std::string data() const;
};
#endif
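Review bot: The new accessors `expiry()` and `data()` are declared without the `///` comment that the neighbouring `validDaysRemaining()` carries, and nothing in the header says what `data()` returns. FileServer.cpp in this same commit prints that string into the admin page under the label "Key:", so the header should state whether it is the raw configured key or only its decoded payload, and that callers must escape it before placing it in markup. For the other accessor, `/// Date and time at which the key expires` would do. Because `Poco::DateTime` is only forward-declared yet returned by value, every caller has to include the Poco header itself, which deserves a one-line comment next to the forward declaration. The class body begins outside this hunk.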
diff --git a/loleaflet/admin/admin.html b/loleaflet/admin/admin.html
index 0439ac16f..f23d510ca 100644
--- a/loleaflet/admin/admin.html
+++ b/loleaflet/admin/admin.html
@@ -19,7 +19,7 @@
</head>
<body>
<script src="/loleaflet/dist/admin-bundle.js"></script>
- <script src="/loleaflet/dist/branding.js"></script>
+ <!--%BRANDING_JS%-->
<script>if (typeof brandProductName !== 'undefined') {l10nstrings.strProductName = brandProductName}</script>
<script>document.title = l10nstrings.strProductName + ' - ' + l10nstrings.strAdminConsole</script>
<script>
@@ -141,5 +141,6 @@
<li><a tabindex="-1" href="#"><script>document.write(l10nstrings.strKill)</script></a></li>
</ul>
</div>
+<!--%FOOTER%-->
</body>
</html>
diff --git a/loleaflet/admin/adminAnalytics.html b/loleaflet/admin/adminAnalytics.html
index 722629435..1e801fcb1 100644
--- a/loleaflet/admin/adminAnalytics.html
+++ b/loleaflet/admin/adminAnalytics.html
@@ -19,7 +19,7 @@
</head>
<body>
<script src="/loleaflet/dist/admin-bundle.js"></script>
- <script src="/loleaflet/dist/branding.js"></script>
+ <!--%BRANDING_JS%-->
<script>if (typeof brandProductName !== 'undefined') {l10nstrings.strProductName = brandProductName}</script>
<script>document.title = l10nstrings.strProductName + ' - ' + l10nstrings.strAdminConsole</script>
<script>
@@ -105,5 +105,6 @@
</div>
</div>
</div>
+<!--%FOOTER%-->
</body>
</html>
diff --git a/loleaflet/admin/adminHistory.html b/loleaflet/admin/adminHistory.html
index 17184045a..7245a3d04 100644
--- a/loleaflet/admin/adminHistory.html
+++ b/loleaflet/admin/adminHistory.html
@@ -20,7 +20,7 @@
</head>
<body>
<script src="/loleaflet/dist/admin-bundle.js"></script>
- <script src="/loleaflet/dist/branding.js"></script>
+ <!--%BRANDING_JS%-->
<script>if (typeof brandProductName !== 'undefined') {l10nstrings.strProductName = brandProductName}</script>
<script>document.title = l10nstrings.strProductName + ' - ' + l10nstrings.strAdminConsole</script>
<script>
@@ -71,7 +71,7 @@
</div>
</div>
</div>
-
+<!--%FOOTER%-->
<!-- Bootstrap core JavaScript
================================================== -->
diff --git a/loleaflet/admin/adminSettings.html b/loleaflet/admin/adminSettings.html
index 9238354f5..c7b21879d 100644
--- a/loleaflet/admin/adminSettings.html
+++ b/loleaflet/admin/adminSettings.html
@@ -19,7 +19,7 @@
</head>
<body>
<script src="/loleaflet/dist/admin-bundle.js"></script>
- <script src="/loleaflet/dist/branding.js"></script>
+ <!--%BRANDING_JS%-->
<script>if (typeof brandProductName !== 'undefined') {l10nstrings.strProductName = brandProductName}</script>
<script>document.title = l10nstrings.strProductName + ' - ' + l10nstrings.strAdminConsole</script>
<script>
@@ -97,5 +97,6 @@
</div>
</div>
</div>
+ <!--%FOOTER%-->
</body>
</html>
diff --git a/loleaflet/loleaflet.html.m4 b/loleaflet/loleaflet.html.m4
index ed7286615..87bcf697e 100644
--- a/loleaflet/loleaflet.html.m4
+++ b/loleaflet/loleaflet.html.m4
@@ -26,7 +26,7 @@ define([_foreachq],[ifelse([$#],[3],[],[define([$1],[$4])$2[]$0([$1],[$2],shift(
ifelse(DEBUG,[true],foreachq([fileCSS],[LOLEAFLET_CSS],[<link rel="stylesheet" href="/loleaflet/%VERSION%/fileCSS" />
]),[<link rel="stylesheet" href="/loleaflet/%VERSION%/bundle.css" />
])dnl
-<link rel="stylesheet" href="/loleaflet/%VERSION%/branding.css"> <!-- add your logo here -->
+<!--%BRANDING_CSS%--> <!-- add your logo here -->
<link rel="localizations" href="/loleaflet/%VERSION%/l10n/localizations.json" type="application/vnd.oftn.l10n+json"/>
<link rel="localizations" href="/loleaflet/%VERSION%/l10n/locore-localizations.json" type="application/vnd.oftn.l10n+json" />
<link rel="localizations" href="/loleaflet/%VERSION%/l10n/help-localizations.json" type="application/vnd.oftn.l10n+json"/>
@@ -114,5 +114,5 @@ ifelse(DEBUG,[true],foreachq([fileJS],[LOLEAFLET_JS],
]),
[ <script src="/loleaflet/%VERSION%/bundle.js"></script>
])dnl
- <script src="/loleaflet/%VERSION%/branding.js"></script> <!-- logo onclick handler -->
+ <!--%BRANDING_JS%--> <!-- logo onclick handler -->
</body></html>
diff --git a/wsd/FileServer.cpp b/wsd/FileServer.cpp
index ab95c6a45..17531623f 100644
--- a/wsd/FileServer.cpp
+++ b/wsd/FileServer.cpp
@@ -41,11 +41,15 @@
#include "Auth.hpp"
#include <Common.hpp>
+#include <Crypto.hpp>
#include "FileServer.hpp"
#include "LOOLWSD.hpp"
#include <Log.hpp>
#include <Protocol.hpp>
+#define BRAND_SUPPORTED "branding"
+#define BRAND_UNSUPPORTED "branding-CODE"
+
using Poco::Net::HTMLForm;
using Poco::Net::HTTPBasicCredentials;
using Poco::Net::HTTPRequest;
@@ -299,11 +303,17 @@ void FileServerRequestHandler::handleRequest(const HTTPRequest& request, Poco::M
if (request.getMethod() == HTTPRequest::HTTP_GET)
{
if (endPoint == "admin.html" ||
- endPoint == "admin-bundle.js" ||
- endPoint == "admin-localizations.js" ||
endPoint == "adminSettings.html" ||
+ endPoint == "adminHistory.html" ||
endPoint == "adminAnalytics.html")
{
+ preprocessAdminFile(request, socket);
+ return;
+ }
+
+ if (endPoint == "admin-bundle.js" ||
+ endPoint == "admin-localizations.js")
+ {
noCache = true;
if (!LOOLWSD::AdminEnabled)
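Review bot: The four admin HTML endpoints now return through `preprocessAdminFile(request, socket); return;` before they reach `noCache = true` and the `if (!LOOLWSD::AdminEnabled)` check, which stay behind in the branch that now handles only `admin-bundle.js` and `admin-localizations.js`. Unless `isAdminLoggedIn` enforces the admin-enabled setting itself (not visible here), the admin pages would be served on an instance where the admin console is disabled. The same `if (!LOOLWSD::AdminEnabled)` guard, with the throw used by the branch below, should be the first statement of `preprocessAdminFile`. The new response also sets no caching header, so an authenticated page that embeds the support key may be stored by intermediaries; `response.add("Cache-Control", "no-store");` next to the other headers would restore what `noCache` presumably provided. The branch body continues past the end of this hunk.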
@@ -557,6 +567,8 @@ std::string FileServerRequestHandler::getRequestPathname(const HTTPRequest& requ
void FileServerRequestHandler::preprocessFile(const HTTPRequest& request, Poco::MemoryInputStream& message, const std::shared_ptr<StreamSocket>& socket)
{
+ static const std::string linkCSS = "<link rel=\"stylesheet\" href=\"/loleaflet/" LOOLWSD_VERSION_HASH "/%s.css\">";
+ static const std::string scriptJS = "<script src=\"/loleaflet/" LOOLWSD_VERSION_HASH "/%s.js\"></script>";
const auto host = ((LOOLWSD::isSSLEnabled() || LOOLWSD::isSSLTermination()) ? "wss://" : "ws://") + (LOOLWSD::ServerName.empty() ? request.getHost() : LOOLWSD::ServerName);
const Poco::URI::QueryParameters params = Poco::URI(request.getURI()).getQueryParameters();
@@ -605,8 +617,27 @@ void FileServerRequestHandler::preprocessFile(const HTTPRequest& request, Poco::
Poco::replaceInPlace(preprocess, std::string("%HOST%"), host);
Poco::replaceInPlace(preprocess, std::string("%VERSION%"), std::string(LOOLWSD_VERSION_HASH));
+ std::string brandCSS(Poco::format(linkCSS, std::string(BRAND_UNSUPPORTED)));
+ std::string brandJS(Poco::format(scriptJS, std::string(BRAND_UNSUPPORTED)));
+
const auto& config = Application::instance().config();
- const std::string loleafletLogging = config.getString("loleaflet_logging", "false");
+#if ENABLE_SUPPORT_KEY
+ const std::string keyString = config.getString("support_key", "");
+ SupportKey key(keyString);
+ if (key.verify() && key.validDaysRemaining() > 0)
+ {
+ brandCSS = Poco::format(linkCSS, std::string(BRAND_SUPPORTED));
+ brandJS = Poco::format(scriptJS, std::string(BRAND_SUPPORTED));
+ }
+#elif ENABLE_DEBUG
+ brandCSS = "";
+ brandJS = "";
+#endif
+
+ Poco::replaceInPlace(preprocess, std::string("<!--%BRANDING_CSS%-->"), brandCSS);
+ Poco::replaceInPlace(preprocess, std::string("<!--%BRANDING_JS%-->"), brandJS);
+
+ const auto loleafletLogging = config.getString("loleaflet_logging", "false");
Poco::replaceInPlace(preprocess, std::string("%LOLEAFLET_LOGGING%"), loleafletLogging);
const std::string outOfFocusTimeoutSecs= config.getString("per_view.out_of_focus_timeout_secs", "60");
Poco::replaceInPlace(preprocess, std::string("%OUT_OF_FOCUS_TIMEOUT_SECS%"), outOfFocusTimeoutSecs);
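Review bot: The support-key decision (`SupportKey key(keyString);` followed by `key.verify() && key.validDaysRemaining() > 0`) is written out here and again, almost line for line, in `preprocessAdminFile`, and it runs on every page request. One private helper, for example `static bool hasValidSupportKey()`, would keep the two call sites from drifting apart and gives a single place to cache the result if `verify()` is, as it appears, a signature check. The `#elif ENABLE_DEBUG` arm, which strips both branding tags, would be clearer with a short comment saying why debug builds serve no branding at all. `preprocessFile` begins and ends outside this hunk.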
@@ -749,4 +780,53 @@ void FileServerRequestHandler::preprocessFile(const HTTPRequest& request, Poco::
LOG_DBG("Sent file: " << relPath << ": " << preprocess);
}
+void FileServerRequestHandler::preprocessAdminFile(const HTTPRequest& request,const std::shared_ptr<StreamSocket>& socket)
+{
+ Poco::Net::HTTPResponse response;
+ static const std::string scriptJS("<script src=\"/loleaflet/dist/%s.js\"></script>");
+ static const std::string footerPage("<div class=\"footer navbar-fixed-bottom text-info text-center\"><strong>Key:</strong> %s <strong>Expiry Date:</strong> %s</div>");
+
+ if (!FileServerRequestHandler::isAdminLoggedIn(request, response))
+ throw Poco::Net::NotAuthenticatedException("Invalid admin login");
+
+ const std::string relPath = getRequestPathname(request);
+ LOG_DBG("Preprocessing file: " << relPath);
+ std::string adminFile = *getUncompressedFile(relPath);
+ std::string brandJS(Poco::format(scriptJS, std::string(BRAND_UNSUPPORTED)));
+ std::string brandFooter;
+
+#if ENABLE_SUPPORT_KEY
+ const auto& config = Application::instance().config();
+ const std::string keyString = config.getString("support_key", "");
+ SupportKey key(keyString);
+
+ if (key.verify() && key.validDaysRemaining() > 0)
+ {
+ brandJS = Poco::format(scriptJS, std::string(BRAND_SUPPORTED));
+ brandFooter = Poco::format(footerPage, key.data(), Poco::DateTimeFormatter::format(key.expiry(), Poco::DateTimeFormat::RFC822_FORMAT));
+ }
+#elif ENABLE_DEBUG
+ brandJS = "";
+#endif
+
+ Poco::replaceInPlace(adminFile, std::string("<!--%BRANDING_JS%-->"), brandJS);
+ Poco::replaceInPlace(adminFile, std::string("<!--%FOOTER%-->"), brandFooter);
+
+ // Ask UAs to block if they detect any XSS attempt
+ response.add("X-XSS-Protection", "1; mode=block");
+ // No referrer-policy
+ response.add("Referrer-Policy", "no-referrer");
+ response.add("X-Content-Type-Options", "nosniff");
+ response.set("User-Agent", HTTP_AGENT_STRING);
+ response.set("Date", Poco::DateTimeFormatter::format(Poco::Timestamp(), Poco::DateTimeFormat::HTTP_FORMAT));
+
+ response.setContentType("text/html");
+ response.setChunkedTransferEncoding(false);
+
+ std::ostringstream oss;
+ response.write(oss);
+ oss << adminFile;
+ socket->send(oss.str());
+}
+
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
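Review bot: In `preprocessAdminFile`, `key.data()` is formatted straight into the `footerPage` markup and then into the response body with no HTML escaping. It is only reached after `key.verify()` succeeds, but a signature says who issued the key, not that its text is free of `<`, `&` or quotes, and the `X-XSS-Protection` header added below does not cover content the server itself injects. The key text should be escaped before `Poco::format`, as sketched below. The response is also written with chunked encoding off and no `Content-Length`, which is worth confirming against how the socket layer frames keep-alive connections.

```cpp
// … unchanged: login check, file load, default brandJS …
    if (key.verify() && key.validDaysRemaining() > 0)
    {
        // Escape the key text before it is placed into markup.
        std::string keyText;
        for (const char c : key.data())
        {
            switch (c)
            {
            case '&': keyText += "&amp;"; break;
            case '<': keyText += "&lt;"; break;
            case '>': keyText += "&gt;"; break;
            case '"': keyText += "&quot;"; break;
            default: keyText += c; break;
            }
        }
        brandJS = Poco::format(scriptJS, std::string(BRAND_SUPPORTED));
        brandFooter = Poco::format(footerPage, keyText, Poco::DateTimeFormatter::format(key.expiry(), Poco::DateTimeFormat::RFC822_FORMAT));
    }
// … unchanged: placeholder replacement, response headers, send …
```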
diff --git a/wsd/FileServer.hpp b/wsd/FileServer.hpp
index c3ff59b7b..8bcc662c7 100644
--- a/wsd/FileServer.hpp
+++ b/wsd/FileServer.hpp
@@ -21,7 +21,7 @@ class FileServerRequestHandler
static std::string getRequestPathname(const Poco::Net::HTTPRequest& request);
static void preprocessFile(const Poco::Net::HTTPRequest& request, Poco::MemoryInputStream& message, const std::shared_ptr<StreamSocket>& socket);
-
+ static void preprocessAdminFile(const Poco::Net::HTTPRequest& request, const std::shared_ptr<StreamSocket>& socket);
public:
/// Evaluate if the cookie exists, and if not, ask for the credentials.
static bool isAdminLoggedIn(const Poco::Net::HTTPRequest& request, Poco::Net::HTTPResponse& response);