]> granicus.if.org Git - pdns/commitdiff
projects / pdns / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5387cc7)
dnsdist: Remove remote images in the webserver index
authorRemi Gacogne <rgacogne-github@coredump.fr>
Wed, 13 Jan 2016 16:54:54 +0000 (17:54 +0100)
committerRemi Gacogne <rgacogne-github@coredump.fr>
Thu, 14 Jan 2016 08:18:33 +0000 (09:18 +0100)
- Remove the github link/image
- Add the powerdns logo to the html directory
- Add handling for PNG files in the webserver
- Edit the CSP policy to only allows local images
- Explicitely asks jQuery not to use JSONP while fetching the stats

pdns/dnsdist-web.cc patch | blob | history
pdns/dnsdistdist/html/index.html patch | blob | history
pdns/dnsdistdist/html/local.js patch | blob | history
pdns/dnsdistdist/html/powerdns-logo-220px.png [new file with mode: 0644] patch | blob

diff --git a/pdns/dnsdist-web.cc b/pdns/dnsdist-web.cc
index 4920de303dcfa9bca6acba3c8c4ddfbb642d840d..cc98b7337a3869daa76db89718007f36a0b7b4b1 100644 (file)
--- a/pdns/dnsdist-web.cc
+++ b/pdns/dnsdist-web.cc
@@ -79,7 +79,7 @@ static void connectionThread(int sock, ComboAddress remote, string password)
     resp.headers["X-Frame-Options"] = "deny";
     resp.headers["X-Permitted-Cross-Domain-Policies"] = "none";
     resp.headers["X-XSS-Protection"] = "1; mode=block";
-    resp.headers["Content-Security-Policy"] = "default-src 'self'; img-src *; style-src 'self' 'unsafe-inline'";
+    resp.headers["Content-Security-Policy"] = "default-src 'self'; style-src 'self' 'unsafe-inline'";
 
     if(req.method == "OPTIONS") {
       /* the OPTIONS method should not require auth, otherwise it breaks CORS */
@@ -228,6 +228,8 @@ static void connectionThread(int sock, ComboAddress remote, string password)
         resp.headers["Content-Type"] = "text/css";
       else if(parts.back() == "js")
         resp.headers["Content-Type"] = "application/javascript";
+      else if(parts.back() == "png")
+        resp.headers["Content-Type"] = "image/png";
       resp.status=200;
     }
     else if(resp.url.path=="/") {
diff --git a/pdns/dnsdistdist/html/index.html b/pdns/dnsdistdist/html/index.html
index 6cda59e1d037feff15103d4b076e642a158f4e18..547038c96379ddab28590321763cf610752a87e3 100644 (file)
--- a/pdns/dnsdistdist/html/index.html
+++ b/pdns/dnsdistdist/html/index.html
@@ -42,13 +42,8 @@
   <script src="local.js"></script>
   </head>
   <body>
-    <a href="https://github.com/PowerDNS/pdns"><img style="position: absolute; top: 0; right: 0; border: 0;"
-                                                    src="https://s3.amazonaws.com/github/ribbons/forkme_right_gray_6d6d6d.png"
-                                                    alt="Fork me on GitHub"></a>
 
-
-
-    <table width="100%" border="0"><tr><td><img src="https://www.powerdns.com/img/powerdns-logo-220px.png"/></td>
+    <table width="100%" border="0"><tr><td><img src="powerdns-logo-220px.png"/></td>
         <td style="padding: 0px 90px 0px 20px">
             <span id="version"></span><br/>
             dnsdist comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it according to the terms of the GPL version 2.<br/>
diff --git a/pdns/dnsdistdist/html/local.js b/pdns/dnsdistdist/html/local.js
index 22804d853090fc8497b81c9c8b3a90cf78268e57..448b4aaf7967400975b29bed0a5d89da577c1aa8 100644 (file)
--- a/pdns/dnsdistdist/html/local.js
+++ b/pdns/dnsdistdist/html/local.js
@@ -142,6 +142,7 @@ $(document).ready(function() {
         $.ajax({
             url: 'jsonstat?command=stats',
             type: 'GET',
+            dataType: 'json',
             jsonp: false,
             success: function(data, x, y) {
                 $("#questions").text(data["queries"]);
@@ -182,7 +183,7 @@ $(document).ready(function() {
             },
         });
         
-        $.ajax({ url: 'api/v1/servers/localhost', type: 'GET', dataType: 'json',
+        $.ajax({ url: 'api/v1/servers/localhost', type: 'GET', dataType: 'json', jsonp: false,
                  success: function(data) {
                      $("#version").text(data["daemon_type"]+" "+data["version"]);
                      $("#acl").text(data["acl"]);
@@ -215,7 +216,7 @@ $(document).ready(function() {
   //          return;
         //      updateRingBuffers();
 
-        $.ajax({ url: 'jsonstat?command=dynblocklist', type: 'GET', dataType: 'json',
+        $.ajax({ url: 'jsonstat?command=dynblocklist', type: 'GET', dataType: 'json', jsonp: false,
                  success: function(data) {
                      var bouw='<table width="100%"><tr align=left><th>Dyn blocked netmask</th><th>Seconds</th><th>Blocks</th><th align=left>Reason</th></tr>';
                     var gotsome=false;
diff --git a/pdns/dnsdistdist/html/powerdns-logo-220px.png b/pdns/dnsdistdist/html/powerdns-logo-220px.png
new file mode 100644 (file)
index 0000000..7c299c0
Binary files /dev/null and b/pdns/dnsdistdist/html/powerdns-logo-220px.png differ
Unnamed repository; edit this file 'description' to name the repository.