Embed the IPFire background image into the redirect template directly via CSS instead of loading it from somewhere else. This is necessary because of Content Security Policy (CSP).
This patch inserts the base64 encoded image during build so nothing needs to be updated twice in case background image changes.
It supersedes first and second version of this patch and has been successfully tested during a clean build.
Fixes #11650
Signed-off-by: Peter Müller peter.mueller@link38.eu --- html/html/redirect-templates/legacy/template.html | 7 ++++++- lfs/web-user-interface | 5 +++++ 2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/html/html/redirect-templates/legacy/template.html b/html/html/redirect-templates/legacy/template.html index b5fb61ebe..297561e3a 100644 --- a/html/html/redirect-templates/legacy/template.html +++ b/html/html/redirect-templates/legacy/template.html @@ -3,11 +3,16 @@ <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ACCESS MESSAGE</title> + <style content="text/css"> + td.image { + background-image: url(data:image/gif;base64,IMAGEDATAPLACEHOLDER); + } + </style> </head> <body> <table width="100%" height='100%' border="0"> <tr> - <td colspan='3' width='100%' height='130' align="center" background="<TMPL_VAR NAME="ADDRESS">/images/background.gif"> + <td colspan='3' width='100%' height='152px' align="center" class="image"> </td> <tr> <td width='10%'> <td align='center' bgcolor='#CC000000' width='80%'> diff --git a/lfs/web-user-interface b/lfs/web-user-interface index 0c5688252..f3367713a 100644 --- a/lfs/web-user-interface +++ b/lfs/web-user-interface @@ -55,6 +55,11 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) mkdir -p /var/updatecache/{download,metadata} cp -aR $(DIR_SRC)/html/* /srv/web/ipfire
+ # Add base64 encoded background image to Squid content access page + basedata="$$( base64 ${DIR_SRC}/html/html/images/background.gif | tr -d '\n' )"; \ + sed -i "s|IMAGEDATAPLACEHOLDER|$${basedata}|g" \ + /srv/web/ipfire/html/redirect-templates/legacy/template.html + # Change CONFIG_ROOT in cgi-scripts for i in /srv/web/ipfire/cgi-bin/{*,logs.cgi/*,vpn.cgi/*}; do \ if [ -f $$i ]; then \