Skip to content

Commit

Permalink
site_server::wrapper -> Send script_nonce with wrapper
Browse files Browse the repository at this point in the history
  • Loading branch information
@canewsin
canewsin committed Nov 4, 2022
1 parent 1226848 commit 1b369d2
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 5 deletions.
11 changes: 11 additions & 0 deletions src/plugins/site_server/macros.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,17 @@ macro_rules! build_header {
() => {
build_header!(None, None, None, None, None, None, None)
};
($status:expr, $content_type:expr, $script_nonce:expr) => {
build_header!(
Some($status),
None,
None,
None,
Some($script_nonce),
None,
None
)
};
($status:expr) => {
build_header!(Some($status), None, None, None, None, None, None)
};
Expand Down
10 changes: 5 additions & 5 deletions src/plugins/site_server/wrapper.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,13 +7,13 @@ use log::*;
use mime_guess::MimeGuess;
use regex::Regex;
use tokio::fs;
use uuid::Uuid;
use zerucontent::{Content, Number};

use crate::{
core::address::Address,
environment::{DEF_TEMPLATES_PATH, ENV},
plugins::site_server::{
common::get_nonce,
file::serve_file,
handlers::{
sites::{AddWrapperKey, Lookup, SiteContent},
Expand Down Expand Up @@ -53,7 +53,7 @@ pub async fn serve_wrapper(
data: actix_web::web::Data<ZeroServer>,
has_wrapper_nonce: bool,
) -> HttpResponse {
let nonce = Uuid::new_v4().simple().to_string();
let nonce = get_nonce(false, 64);
{
let mut nonces = data.wrapper_nonces.lock().unwrap();
nonces.insert(nonce.clone());
Expand Down Expand Up @@ -196,7 +196,7 @@ pub async fn serve_wrapper(
path.push("wrapper.html");

let sandbox_permissions = "".into();

let script_nonce = get_nonce(true, 64);
let string = match render(
&path,
WrapperData {
Expand All @@ -218,14 +218,14 @@ pub async fn serve_wrapper(
lang: ENV.lang.to_string(),
homepage: String::from(&*ENV.homepage),
themeclass,
script_nonce: String::from("script_nonce"), //TODO!: Need to Replace with real value
script_nonce: script_nonce.clone(),
},
) {
Ok(s) => s,
Err(_) => String::new(),
};
let mut res = HttpResponse::Ok();
for (key, value) in build_header!().iter() {
for (key, value) in build_header!(200, None, &script_nonce).iter() {
res.append_header((key.as_str(), value.to_str().unwrap()));
}
res.keep_alive().body(string)
Expand Down

0 comments on commit 1b369d2

Please sign in to comment.