Embed the IPFire background image into the redirect template directly via CSS instead of loading it from somewhere else. This is necessary because of Content Security Policy (CSP).
This patch inserts the base64 encoded image during build so nothing needs to be updated twice in case background image changes.
It supersedes first and second version of this patch and has been successfully tested during a clean build.
Fixes #11650
Signed-off-by: Peter Müller peter.mueller@link38.eu --- html/html/redirect-templates/legacy/template.html | 7 ++++++- lfs/web-user-interface | 5 +++++ 2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/html/html/redirect-templates/legacy/template.html b/html/html/redirect-templates/legacy/template.html index b5fb61ebe..297561e3a 100644 --- a/html/html/redirect-templates/legacy/template.html +++ b/html/html/redirect-templates/legacy/template.html @@ -3,11 +3,16 @@ <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ACCESS MESSAGE</title> + <style content="text/css"> + td.image { + background-image: url(data:image/gif;base64,IMAGEDATAPLACEHOLDER); + } + </style> </head> <body> <table width="100%" height='100%' border="0"> <tr> - <td colspan='3' width='100%' height='130' align="center" background="<TMPL_VAR NAME="ADDRESS">/images/background.gif"> + <td colspan='3' width='100%' height='152px' align="center" class="image"> </td> <tr> <td width='10%'> <td align='center' bgcolor='#CC000000' width='80%'> diff --git a/lfs/web-user-interface b/lfs/web-user-interface index 0c5688252..f3367713a 100644 --- a/lfs/web-user-interface +++ b/lfs/web-user-interface @@ -55,6 +55,11 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) mkdir -p /var/updatecache/{download,metadata} cp -aR $(DIR_SRC)/html/* /srv/web/ipfire
+ # Add base64 encoded background image to Squid content access page + basedata="$$( base64 ${DIR_SRC}/html/html/images/background.gif | tr -d '\n' )"; \ + sed -i "s|IMAGEDATAPLACEHOLDER|$${basedata}|g" \ + /srv/web/ipfire/html/redirect-templates/legacy/template.html + # Change CONFIG_ROOT in cgi-scripts for i in /srv/web/ipfire/cgi-bin/{*,logs.cgi/*,vpn.cgi/*}; do \ if [ -f $$i ]; then \
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Hi,
On Sun, 2018-08-26 at 21:15 +0200, Peter Müller wrote:
Embed the IPFire background image into the redirect template directly via CSS instead of loading it from somewhere else. This is necessary because of Content Security Policy (CSP).
This patch inserts the base64 encoded image during build so nothing needs to be updated twice in case background image changes.
It supersedes first and second version of this patch and has been successfully tested during a clean build.
Fixes #11650
Signed-off-by: Peter Müller peter.mueller@link38.eu
html/html/redirect-templates/legacy/template.html | 7 ++++++- lfs/web-user-interface | 5 +++++ 2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/html/html/redirect-templates/legacy/template.html b/html/html/redirect-templates/legacy/template.html index b5fb61ebe..297561e3a 100644 --- a/html/html/redirect-templates/legacy/template.html +++ b/html/html/redirect-templates/legacy/template.html @@ -3,11 +3,16 @@
<head> <meta http-equiv="Content-Type" content="text/html; charset=utf- 8"> <title>ACCESS MESSAGE</title> + <style content="text/css"> + td.image { + background-image: url(data:image/gif;base64,IMAGEDATAPLACEHOLDER); + } + </style> </head> <body> <table width="100%" height='100%' border="0"> <tr> - <td colspan='3' width='100%' height='130' align="center" background="<TMPL_VAR NAME="ADDRESS">/images/background.gif"> + <td colspan='3' width='100%' height='152px' align="center" class="image"> </td> <tr> <td width='10%'> <td align='center' bgcolor='#CC000000' width='80%'> diff --git a/lfs/web-user-interface b/lfs/web-user-interface index 0c5688252..f3367713a 100644 --- a/lfs/web-user-interface +++ b/lfs/web-user-interface @@ -55,6 +55,11 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) mkdir -p /var/updatecache/{download,metadata} cp -aR $(DIR_SRC)/html/* /srv/web/ipfire
- # Add base64 encoded background image to Squid content access page
- basedata="$$( base64 ${DIR_SRC}/html/html/images/background.gif | tr -d
'\n' )"; \
sed -i "s|IMAGEDATAPLACEHOLDER|$${basedata}|g" \/srv/web/ipfire/html/redirect-templates/legacy/template.html
${DIR_SRC} should be $(DIR_SRC) in order to be expanded from the Makefile and not from the shell environment.
I am not even sure if DIR_SRC is guaranteed to be set.
# Change CONFIG_ROOT in cgi-scripts for i in /srv/web/ipfire/cgi-bin/{*,logs.cgi/*,vpn.cgi/*}; do \ if [ -f $$i ]; then \
Embed the IPFire background image into the redirect template directly via CSS instead of loading it from somewhere else. This is necessary because of Content Security Policy (CSP).
This patch inserts the base64 encoded image during build so nothing needs to be updated twice in case background image changes.
It supersedes first, second and third version of this patch and has been successfully tested during a clean build.
Fixes #11650
Signed-off-by: Peter Müller peter.mueller@link38.eu --- html/html/redirect-templates/legacy/template.html | 7 ++++++- lfs/web-user-interface | 5 +++++ 2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/html/html/redirect-templates/legacy/template.html b/html/html/redirect-templates/legacy/template.html index b5fb61ebe..297561e3a 100644 --- a/html/html/redirect-templates/legacy/template.html +++ b/html/html/redirect-templates/legacy/template.html @@ -3,11 +3,16 @@ <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ACCESS MESSAGE</title> + <style content="text/css"> + td.image { + background-image: url(data:image/gif;base64,IMAGEDATAPLACEHOLDER); + } + </style> </head> <body> <table width="100%" height='100%' border="0"> <tr> - <td colspan='3' width='100%' height='130' align="center" background="<TMPL_VAR NAME="ADDRESS">/images/background.gif"> + <td colspan='3' width='100%' height='152px' align="center" class="image"> </td> <tr> <td width='10%'> <td align='center' bgcolor='#CC000000' width='80%'> diff --git a/lfs/web-user-interface b/lfs/web-user-interface index 0c5688252..f3367713a 100644 --- a/lfs/web-user-interface +++ b/lfs/web-user-interface @@ -55,6 +55,11 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) mkdir -p /var/updatecache/{download,metadata} cp -aR $(DIR_SRC)/html/* /srv/web/ipfire
+ # Add base64 encoded background image to Squid content access page + basedata="$$( base64 $(DIR_SRC)/html/html/images/background.gif | tr -d '\n' )"; \ + sed -i "s|IMAGEDATAPLACEHOLDER|$${basedata}|g" \ + /srv/web/ipfire/html/redirect-templates/legacy/template.html + # Change CONFIG_ROOT in cgi-scripts for i in /srv/web/ipfire/cgi-bin/{*,logs.cgi/*,vpn.cgi/*}; do \ if [ -f $$i ]; then \
Hello,
Hi,
On Sun, 2018-08-26 at 21:15 +0200, Peter Müller wrote:
Embed the IPFire background image into the redirect template directly via CSS instead of loading it from somewhere else. This is necessary because of Content Security Policy (CSP).
This patch inserts the base64 encoded image during build so nothing needs to be updated twice in case background image changes.
It supersedes first and second version of this patch and has been successfully tested during a clean build.
Fixes #11650
Signed-off-by: Peter Müller peter.mueller@link38.eu
html/html/redirect-templates/legacy/template.html | 7 ++++++- lfs/web-user-interface | 5 +++++ 2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/html/html/redirect-templates/legacy/template.html b/html/html/redirect-templates/legacy/template.html index b5fb61ebe..297561e3a 100644 --- a/html/html/redirect-templates/legacy/template.html +++ b/html/html/redirect-templates/legacy/template.html @@ -3,11 +3,16 @@
<head> <meta http-equiv="Content-Type" content="text/html; charset=utf- 8"> <title>ACCESS MESSAGE</title> + <style content="text/css"> + td.image { + background-image: url(data:image/gif;base64,IMAGEDATAPLACEHOLDER); + } + </style> </head> <body> <table width="100%" height='100%' border="0"> <tr> - <td colspan='3' width='100%' height='130' align="center" background="<TMPL_VAR NAME="ADDRESS">/images/background.gif"> + <td colspan='3' width='100%' height='152px' align="center" class="image"> </td> <tr> <td width='10%'> <td align='center' bgcolor='#CC000000' width='80%'> diff --git a/lfs/web-user-interface b/lfs/web-user-interface index 0c5688252..f3367713a 100644 --- a/lfs/web-user-interface +++ b/lfs/web-user-interface @@ -55,6 +55,11 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) mkdir -p /var/updatecache/{download,metadata} cp -aR $(DIR_SRC)/html/* /srv/web/ipfire
- # Add base64 encoded background image to Squid content access page
- basedata="$$( base64 ${DIR_SRC}/html/html/images/background.gif | tr -d
'\n' )"; \
sed -i "s|IMAGEDATAPLACEHOLDER|$${basedata}|g" \/srv/web/ipfire/html/redirect-templates/legacy/template.html${DIR_SRC} should be $(DIR_SRC) in order to be expanded from the Makefile and not from the shell environment.
Sorry about this - fixed in v4, although it worked.
I am not even sure if DIR_SRC is guaranteed to be set.
I must say, using shell commands in LFS files is somewhat tricky...
Best regards, Peter Müller
# Change CONFIG_ROOT in cgi-scripts for i in /srv/web/ipfire/cgi-bin/{*,logs.cgi/*,vpn.cgi/*}; do \ if [ -f $$i ]; then \
-
Michael Tremer -
Peter Müller