Merge branch 'staging' into dist/eole/2.6.2/staging

Merge branch 'develop' into staging
Merge branch 'dist/eole/2.6.2/develop' into dist/eole/2.6.2/staging
2020-01-06 15:00:20 +01:00 · 2020-01-06 14:58:33 +01:00 · 2020-01-06 14:57:29 +01:00 · 2019-12-12 12:12:37 +01:00 · 2019-12-12 12:01:18 +01:00 · 2019-12-12 12:01:00 +01:00
6 changed files with 10 additions and 5 deletions
--- a/README.md
+++ b/README.md
@ -12,8 +12,8 @@ GenConfig -> Mode Expert -> Dépôts tiers -> Libellé du dépôt

 #### LemonLDAP::NG repository
 
-* deb     https://lemonldap-ng.org/deb stable main
-* deb-src https://lemonldap-ng.org/deb stable main
+* deb     https://lemonldap-ng.org/deb 1.9 main
+* deb-src https://lemonldap-ng.org/deb 1.9 main
 * Key URL : https://lemonldap-ng.org/_media/rpm-gpg-key-ow2 

 #### Cadoles Repository
--- a/dicos/70_lemonldap_ng.xml
+++ b/dicos/70_lemonldap_ng.xml
@ -67,6 +67,7 @@
 			</variable>
 			<variable name='llRegisterDB' type='string' description="Base de comptes pour l'enregistrement"/>
 			<variable name='llRegisterURL' type='string' description="Adresse de l'application de création de compte"/>
+			<variable name='llCSPTargets' type='domain' description="Domaines vers lesquels le forumaire peut renvoyer" multi='True'/>
 		</family>
        <separators>
 		    <separator name="managerWebName">Configuration DNS</separator>
@ -132,5 +133,6 @@
 		<variable name='ldapUserBaseDN'>DN de l'utilisateur de connection en lecture à l'annuaire (ex: cn=reader,o=gouv,c=fr)</variable>
 		<variable name='nginxBucketSize'>server_names_hash_bucket_size Taille du hash des noms de serveur pour NGINX</variable>
 		<variable name='llCheckLogins'>Affiche une case à cocher sur la mire SSO qui permet a l'utilisateur de voir l'historique de connection de son compte avant d'être redirigé vers le service demandé</variable>
+		<variable name='llCSPTargets'>Liste des domaines à ajouter à la directive form-action.</variable>
 	</help>
 </creole>
--- a/tmpl/handler-nginx.conf
+++ b/tmpl/handler-nginx.conf
@ -39,7 +39,7 @@ server {

  error_page   403 404 502 503 504  /nginx.html;
  location = /nginx.html{
-       root /usr/share/nginx/www;
+       root /usr/share/nginx/html;
    }

  location = /reload {
--- a/tmpl/manager-nginx.conf
+++ b/tmpl/manager-nginx.conf
@ -20,7 +20,7 @@ server {

  error_page   403 404 502 503 504  /nginx.html;
  location = /nginx.html{
-    root /usr/share/nginx/www;
+    root /usr/share/nginx/html;
  } 

  root /usr/share/lemonldap-ng/manager/htdocs/;
--- a/tmpl/portal-nginx.conf
+++ b/tmpl/portal-nginx.conf
@ -5,6 +5,8 @@
 #  ~/CN=(?<CN>[^/]+) $CN;
 #}
 %set %%webDomain = %%authWebName.split('.',1)[1]
+%set %%CSPTargets = %%custom_join(['http://*.{0} https://*.{0}'.format(d) for d in set([%%webDomain] + %%getVar('llCSPTargets'))], ' ')
+

 server {
  listen 80;
@ -42,7 +44,7 @@ server {
    fastcgi_split_path_info ^(.*\.psgi)(/.*)$;
    fastcgi_param PATH_INFO  $fastcgi_path_info;
    fastcgi_hide_header Content-Security-Policy;
-    add_header Content-Security-Policy "default-src 'self'; form-action 'self' http://*.%%webDomain https://*.%%webDomain; object-src 'none'";
+    add_header Content-Security-Policy "default-src 'self'; form-action 'self' %%CSPTargets; object-src 'none'";

  }

--- a/tmpl/test-nginx.conf
+++ b/tmpl/test-nginx.conf
@ -50,6 +50,7 @@ server {
    ##################################
    auth_request /lmauth;
    auth_request_set $lmremote_user $upstream_http_lm_remote_user;
+    auth_request_set $lmremote_custom $upstream_http_lm_remote_custom;
    auth_request_set $lmlocation $upstream_http_location;
    # If CDA is used, uncomment this
    #auth_request_set $cookie_value $upstream_http_set_cookie;
Author	SHA1	Message	Date
Benjamin Bohard	d4f05e33da	Merge branch 'staging' into dist/eole/2.6.2/staging	2020-01-06 15:00:20 +01:00
Benjamin Bohard	3326273e21	Merge branch 'develop' into staging	2020-01-06 14:58:33 +01:00
Benjamin Bohard	b819d2ceb0	Merge branch 'dist/eole/2.6.2/develop' into dist/eole/2.6.2/staging	2020-01-06 14:57:29 +01:00
Benjamin Bohard	26d696d6f8	Merge branch 'develop' into dist/eole/2.6.2/develop	2019-12-12 12:12:37 +01:00
Benjamin Bohard	53e17b8da0	Merge branch 'issue/3-CSP_targets' into develop	2019-12-12 12:01:18 +01:00
Benjamin Bohard	207dadd5cc	Add variables to defined allowed CSP targets	2019-12-12 12:01:00 +01:00
Benjamin Bohard	994166b1fd	Merge branch 'issue/2-variable_init' into develop	2019-12-12 11:16:48 +01:00
Benjamin Bohard	20c513e4fd	declare lmremote_custom variable in test-nginx.conf	2019-12-12 11:16:38 +01:00
Benjamin Bohard	0980b3d30c	Merge branch 'issue/1-error_page_location' into develop	2019-12-12 11:15:07 +01:00
Benjamin Bohard	9003ecbcb3	nginx error pages are located in html subfolder, not www	2019-12-12 11:14:54 +01:00
Philippe Caseiro	a2f2c8f82d	Merge branch 'staging' into dist/eole/2.6.2/staging	2019-09-13 16:09:32 +02:00
Philippe Caseiro	8fbafb4c70	Merge branch 'develop' into staging	2019-09-13 16:08:44 +02:00
Philippe Caseiro	148b0b87f1	Merge branch 'dist/eole/2.6.2/develop' into dist/eole/2.6.2/staging	2019-09-13 11:21:42 +02:00
Philippe Caseiro	e1f90ef9fd	Merge branch 'staging' into dist/eole/2.6.2/staging	2019-09-13 10:05:59 +02:00
Philippe Caseiro	a96d56b19c	Merge branch 'develop'	2019-09-13 10:00:17 +02:00
Philippe Caseiro	c7b38c52d0	Update README	2019-07-11 09:44:49 +02:00