File tree Expand file tree Collapse file tree 1 file changed +5
-1
lines changed
Expand file tree Collapse file tree 1 file changed +5
-1
lines changed Original file line number Diff line number Diff line change @@ -16,7 +16,11 @@ echo "Init PreConfig.js"
1616echo " (function() {" > $CATALINA_HOME /webapps/draw/js/PreConfig.js
1717echo " try {" >> $CATALINA_HOME /webapps/draw/js/PreConfig.js
1818echo " var s = document.createElement('meta');" >> $CATALINA_HOME /webapps/draw/js/PreConfig.js
19- echo " s.setAttribute('content', '${DRAWIO_CSP_HEADER:- default-src \' self\' ; script-src \' self\' https:// storage.googleapis.com https:// apis.google.com https:// docs.google.com https:// code.jquery.com \' unsafe-inline\' ; connect-src \' self\' https://* .dropboxapi.com https:// api.trello.com https:// api.github.com https:// raw.githubusercontent.com https://* .googleapis.com https://* .googleusercontent.com https:// graph.microsoft.com https://* .1drv.com https://* .sharepoint.com https:// gitlab.com https://* .google.com https:// fonts.gstatic.com https:// fonts.googleapis.com; img-src * data: ; media-src * data: ; font-src * about: ; style-src \' self\' \' unsafe-inline\' https:// fonts.googleapis.com; frame-src \' self\' https://* .google.com;} ');" >> $CATALINA_HOME /webapps/draw/js/PreConfig.js
19+ if [[ -z " ${DRAWIO_GITLAB_ID} " ; then
20+ echo " s.setAttribute('content', '${DRAWIO_CSP_HEADER:- default-src \' self\' ; script-src \' self\' https:// storage.googleapis.com https:// apis.google.com https:// docs.google.com https:// code.jquery.com \' unsafe-inline\' ; connect-src \' self\' https://* .dropboxapi.com https:// api.trello.com https:// api.github.com https:// raw.githubusercontent.com https://* .googleapis.com https://* .googleusercontent.com https:// graph.microsoft.com https://* .1drv.com https://* .sharepoint.com https:// gitlab.com https://* .google.com https:// fonts.gstatic.com https:// fonts.googleapis.com; img-src * data: ; media-src * data: ; font-src * about: ; style-src \' self\' \' unsafe-inline\' https:// fonts.googleapis.com; frame-src \' self\' https://* .google.com;} ');" >> $CATALINA_HOME /webapps/draw/js/PreConfig.js
21+ else
22+ echo " s.setAttribute('content', '${DRAWIO_CSP_HEADER:- default-src \' self\' ; script-src \' self\' https:// storage.googleapis.com https:// apis.google.com https:// docs.google.com https:// code.jquery.com \' unsafe-inline\' ; connect-src \' self\' $DRAWIO_GITLAB_URL https://* .dropboxapi.com https:// api.trello.com https:// api.github.com https:// raw.githubusercontent.com https://* .googleapis.com https://* .googleusercontent.com https:// graph.microsoft.com https://* .1drv.com https://* .sharepoint.com https:// gitlab.com https://* .google.com https:// fonts.gstatic.com https:// fonts.googleapis.com; img-src * data: ; media-src * data: ; font-src * about: ; style-src \' self\' \' unsafe-inline\' https:// fonts.googleapis.com; frame-src \' self\' https://* .google.com;} ');" >> $CATALINA_HOME /webapps/draw/js/PreConfig.js
23+ fi
2024echo " s.setAttribute('http-equiv', 'Content-Security-Policy');" >> $CATALINA_HOME /webapps/draw/js/PreConfig.js
2125echo " var t = document.getElementsByTagName('meta')[0];" >> $CATALINA_HOME /webapps/draw/js/PreConfig.js
2226echo " t.parentNode.insertBefore(s, t);" >> $CATALINA_HOME /webapps/draw/js/PreConfig.js
You can’t perform that action at this time.
0 commit comments