Hello Michael,
Hi,
On Sun, 2018-07-01 at 07:49 +0200, Peter Müller wrote:
Hello Michael,
yes, I built IPfire 2.x yesterday, and the image data were included into /srv/web/ipfire/html/redirect-templates/legacy/template.html .
Is there anything wrong with this patch?
Yes, see below...
Best regards, Peter Müller
Hey,
On Sat, 2018-06-30 at 09:56 +0200, Peter Müller wrote:
Embed the IPFire background image into the redirect template directly via CSS instead of loading it from somewhere else. This is necessary because of Content Security Policy (CSP) and fixes #11650. This patch inserts the base64 encoded image during build so nothing needs to be updated twice in case background image changes. Signed-off-by: Peter Müller peter.mueller@link38.eu
html/html/redirect-templates/legacy/template.html | 7 ++++++- lfs/web-user-interface | 4 ++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/html/html/redirect-templates/legacy/template.html b/html/html/redirect-templates/legacy/template.html index b5fb61ebe..297561e3a 100644 --- a/html/html/redirect-templates/legacy/template.html +++ b/html/html/redirect-templates/legacy/template.html @@ -3,11 +3,16 @@
<head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ACCESS MESSAGE</title> + <style content="text/css"> + td.image { + background-image: url(data:image/gif;base64,IMAGEDATAPLACEHOLDER); + } + </style> </head> <body> <table width="100%" height='100%' border="0"> <tr> - <td colspan='3' width='100%' height='130' align="center" background="<TMPL_VAR NAME="ADDRESS">/images/background.gif"> + <td colspan='3' width='100%' height='152px' align="center" class="image"> </td> <tr> <td width='10%'> <td align='center' bgcolor='#CC000000' width='80%'> diff --git a/lfs/web-user-interface b/lfs/web-user-interface index 0c5688252..b023cbd86 100644 --- a/lfs/web-user-interface +++ b/lfs/web-user-interface @@ -50,6 +50,10 @@ md5: $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) + # Add base64 encoded background image to Squid content access page + basedata="$( base64 $(DIR_SRC)/html/html/images/background.gif )" + sed -i "s/IMAGEDATAPLACEHOLDER/${basedata}/g" $(DIR_SRC)/html/html/redirect-templates/legacy/template.html
This isn't a shell script. It is make in which every line invokes a new shell. Therefore the variable assignment happens in one shell and then the next line in executed in a new one which knows nothing about the previous variable assignment.
This sounds correct. However, in case I ran "./make.sh build", there actually is some image data in the built file:
~> cat ~/devel/ipfire-2.x/build/srv/web/ipfire/html/redirect-templates/legacy/template.html | head -n 8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ACCESS MESSAGE</title> <style content="text/css"> td.image { background-image: url(data:image/gif;base64,iVBORw0KGgoAAAANSUhEUgAAAH0AAACaCAYAAACEwUcfAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAgY0hSTQAAeiYAAICEAAD6AAAAgOgAAHUwAADqYAAAOpgAABdwnLpRPAAAABh0RVh0U29mdHdhcmUAUGFpbnQuTkVUIHYzLjA39c2BcAAAqsJJREFUeF7svQV4XVeSLVyXhGZmZo6ZYmamOGa2Y8cMScx2zEwxMzMzyMwg27JlMTOzdPnWv+pIctSZdL+e93p6euZvJ+s7l3TvOWftgl27qraK/pv/5VWRauxUUg92Jo2xGmnCzWRX1IHsSqpJ7ZCH1KkqspodyJyaQNYonYrYqLLlsuXX5KMUVWG1VWcykKM2r9bOwVFdwFlL+TV2qoJaNecjC5PVZotOMqn8A4ymkJuRlPZpOVnuhJEt+5I1alJpaxFVaU3UMQ9pq5UnTakyZFfEQa3Tkp1dLgeVTq1ROai0Fkc7tcbZTsNOap0qD6lUBXUaVSEtUV6dTuXAxFaVjVPIpgkxmDgoSV8g0BZvl3j4hZ/hqCuZ/C8R/zff5n+tn/9WR6oNB0nz9CjZ+a4mpxfnKe/9I1TI8xyVDDhBZcKvUHnfa1Qy8BIV8T1DeT+eVud/dd6+0IeLeYt7XcpTJuSaQ9WYu7pG8Q/sOyY/cRyW9sJhKjA3/ZndlIRH2u4BD7TVX96nfEvukI6OkQpXL6Ce5Ui1pAmp964njcsD0p5wIcdrVynfpztUyM1FVcrribpK0DtN7eAPuiZhbvZtor44dov1dhwY5+s4McnfcbE+0GmbKdjxiDnM4ZQlzAlHp42mQOdpGX55Okd4Fq/kca9g3qVrya5nC1Jn/ebX3/7XYuC/6WymDSXNy4ukCz1KTqGnKZ8rCH53gkqHHKFKUWepWvwVqhx3i8qFulDxiNua4mE3nEsE3bAvG3TXsXbUQ6cWSc8deqW8tB+f8dphgf6N/Yr013aLU55pR0c9Un/r8YTKnrtNuceNIF2eeqRRaUidqxapa4wgzepfnXXXLpWxdz1eNJ/bpbyFPO85lw946lQv7IVjmxhX516J7o5DE7wcJib7OMxJ83NckubvuC49wGGnIdDhqDnE/jJw2xrucMsc7nDeHOm4HcTPNAbn6pzsUbDym+e6vDu3ka5Crn+T/leH1cMjpPPeSbnizlHB0LNU/MtpSPgxqhZ3huoknwNuULVoF1WFuCe6clEujpWjXXLXj3mSq13ia+fBKW8dZqa+s19tcLXfaXhvtz3jpW5+0lPtAJDeMOS+qrTHNSp04zTl2rmE7Be1IN24xqRd1chet2pOecdNKwrndtlZtOj7MwUrBrjkbRz7JleXRHf7MaleDvPTfew3GvztD5iC7c+YQuyuWELtb5pD7e4BD8zhdo+Ah5YI+zvmKLvz1ij7bZZwh6nG4DztI/0LlXv00CnPmLGk1Rb8ql0UDfPvf1l3YDLs+oUJpHu3jXL7HaWi8cepbMBpqgr1Xiv2DDVIPk+N0q9T3WQXqpF4W1Mj+pFDk7hnTl2S3zgNT3N1+Cnd1X6j/oP9UeNH3TnDe92h9Fe6RWmvNEMSnmjbxzyxrx/0wK66+x11+dvHVUUP/kZ5NixXOS39RWW/azo5Ht1Mua4dUed/cUFb2ueuXe2IVw7tkz46jE/3sl9m8Lc7YgrUXbcE2923hOgeW8J0DwEh/ZYlzO6qJUJ33hxhd8IcabfLHGG/zBTqNCo9JHeLcPdcpS4eIaeqlQhuw+8m5d+E/34HV [rest of the base64 block redacted]
So I guess the result of this patch is okay, but the question is why. :-)
Best regards, Peter Müller
You will have an empty image in the result file I think.
-Michael
Did you actually test this?
- # Copy all html/cgi-bin files mkdir -p /srv/web/ipfire/{cgi-bin,html} mkdir -p /var/updatecache/{download,metadata}
-Michael