From 7a382148501d92d055381659ec800c7821d8637b Mon Sep 17 00:00:00 2001
From: Tony BONNIN <stopyz@gmail.com>
Date: Sat, 24 Aug 2024 18:07:03 +0200
Subject: [PATCH] HSTS Ready for Nginx
---
 app/acf-util/welcome-html.lsp | 4 ++--
 .../health-networkstats-html.lsp | 18 +++++++++---------
 app/template-html.lsp | 18 +++++++++---------
 3 files changed, 20 insertions(+), 20 deletions(-)
diff --git a/app/acf-util/welcome-html.lsp b/app/acf-util/welcome-html.lsp
index 1f523b5..3b071cb 100644
--- a/app/acf-util/welcome-html.lsp
+++ b/app/acf-util/welcome-html.lsp
@@ -177,7 +177,7 @@
 <span class="data-title">Uptime</span>
 <span id="uptime" class="uptime">
 <%= uptime %><br>
- <script type="application/javascript">
+ <script nonce="NONCE_PLACEHOLDER" type="application/javascript">
 // IMPORT UPTIME FOR JS LIVE TIMER
 if (location.href.includes("welcome/read")) {
 let increment = "<%= up_time or 'unknown' %>";
@@ -217,7 +217,7 @@
 print ("<span class='nan'>N/A<span>")
 end
 %>
- <script type="application/javascript" defer>
+ <script nonce="NONCE_PLACEHOLDER" type="application/javascript" defer>
 // CONVERT TEMP TO FAHRENHEIT
 if (((<%= tonumber(api.value.cpuTemp.value) %>) < 50000) && (window.localStorage.getItem('toggle-degree') === 'fahrenheit')) {
 document.getElementById("cpuTemp").innerHTML = ((Math.ceil(((<%= tonumber(api.value.boardTemp.value) %>) / 1000) * 9 / 5) + 32) + " °F | <span class='normal'>" + (Math.floor(((<%= tonumber(api.value.cpuTemp.value) %>) / 1000) * 9 / 5) + 32)) + " °F</span>";
diff --git a/app/alpine-baselayout/health-networkstats-html.lsp b/app/alpine-baselayout/health-networkstats-html.lsp
index 91f59f3..eaad885 100644
--- a/app/alpine-baselayout/health-networkstats-html.lsp
+++ b/app/alpine-baselayout/health-networkstats-html.lsp
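Review bot: The nonce added at line 180 of `welcome-html.lsp` is the fixed string `NONCE_PLACEHOLDER`, so the template on its own gives every response the same, guessable value; the same holds for every `nonce=` attribute this patch adds (line 220 here, and the hunks in `health-networkstats-html.lsp` and `template-html.lsp`). Presumably Nginx rewrites the placeholder per request, but that configuration is not part of this patch. If the rewrite is a plain text substitution over the whole response body, any markup in the page that carries the placeholder text receives the valid nonce too, and if the rewrite is missing the literal placeholder is sent to the browser. I would state the dependency next to the first use, for example `<% -- nonce attribute is filled in per request by the reverse proxy; the CSP header must never list the literal placeholder %>`, or have the application generate the per-request nonce itself. The subject says HSTS, while script nonces belong to Content-Security-Policy; the commit message may deserve a correction.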
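Review bot: `defer` on the rewritten tag at line 220 of `welcome-html.lsp` has no effect, because the attribute only applies to scripts loaded through `src`; this inline block runs as soon as the parser reaches it. It presumably works today because the `cpuTemp` element is emitted earlier in the page, which is outside the hunk. Either drop `defer` or run the body from a `DOMContentLoaded` listener; the same applies to `<script nonce="NONCE_PLACEHOLDER" defer type="application/javascript">hljs.highlightAll()</script>` in `template-html.lsp`. The script body continues past the end of the hunk.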
@@ -37,26 +37,26 @@ width: auto; } </style> -<!--[if IE]><script type="text/javascript" src="<%= html.html_escape(page_info.wwwprefix) %>/js/excanvas.js"></script><![endif]--> -<script type="text/javascript"> +<!--[if IE]><script nonce="NONCE_PLACEHOLDER" type="text/javascript" src="<%= html.html_escape(page_info.wwwprefix) %>/js/excanvas.js"></script><![endif]--> +<script nonce="NONCE_PLACEHOLDER" type="text/javascript"> if (typeof jQuery == 'undefined') { - document.write('<script type="text/javascript" src="<%= html.html_escape(page_info.wwwprefix) %>/js/jquery-latest.js"><\/script>'); + document.write('<script nonce="NONCE_PLACEHOLDER" type="text/javascript" src="<%= html.html_escape(page_info.wwwprefix) %>/js/jquery-latest.js"><\/script>'); } </script> -<script type="text/javascript"> +<script nonce="NONCE_PLACEHOLDER" type="text/javascript"> if (typeof $.plot == 'undefined') { - document.write('<script type="text/javascript" src="<%= html.html_escape(page_info.wwwprefix) %>/js/jquery.flot.js"><\/script>'); + document.write('<script nonce="NONCE_PLACEHOLDER" type="text/javascript" src="<%= html.html_escape(page_info.wwwprefix) %>/js/jquery.flot.js"><\/script>'); } </script> -<script type="text/javascript"> +<script nonce="NONCE_PLACEHOLDER" type="text/javascript"> if (typeof $.plot.formatDate == 'undefined') { - document.write('<script type="text/javascript" src="<%= html.html_escape(page_info.wwwprefix) %>/js/jquery.flot.time.js"><\/script>'); + document.write('<script nonce="NONCE_PLACEHOLDER" type="text/javascript" src="<%= html.html_escape(page_info.wwwprefix) %>/js/jquery.flot.time.js"><\/script>'); } </script> -<script type="text/javascript"> +<script nonce="NONCE_PLACEHOLDER" type="text/javascript"> var interval = 1000; var duration = 60000; var lastdata = <%= json.encode(view) %>; 
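Review bot: The last script block of this hunk now carries a nonce while still emitting `var lastdata = <%= json.encode(view) %>;` straight into the script text. If any string inside `view` can contain `</script>` or `<!--` (the data source is not visible here), the encoded JSON can close the block early and the rest is parsed as HTML. Escaping `<` in the encoded output keeps the block closed over its own code, e.g. `var lastdata = <%= (json.encode(view):gsub("<", "\\u003c")) %>;`. The script body continues past the end of the hunk.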
@@ -124,7 +124,7 @@
 val.data = [];
 });
 Update();
- ID = window.setInterval("Update()", interval);
+ ID = window.setInterval(Update, interval);
 $("#Start").attr("disabled","disabled");
 $("#Stop").removeAttr("disabled");
 }
diff --git a/app/template-html.lsp b/app/template-html.lsp
index 38d2bc2..49a7a1f 100644
--- a/app/template-html.lsp
+++ b/app/template-html.lsp
@@ -64,20 +64,20 @@ end
 <link rel="stylesheet" type="text/css" href="<%= html.html_escape(pageinfo.wwwprefix..pageinfo.skin.."/"..posix.basename(pageinfo.skin).."-ie.css") %>">
 <![endif]-->
 <!-- UNPKG JS CDN FOR LATEST CHART.JS -->
- <script type="application/javascript" src="https://cdn.jsdelivr.net/npm/chart.js/dist/chart.umd.min.js"></script>
- <script type="application/javascript" src="https://cdn.jsdelivr.net/npm/luxon@latest"></script>
- <script type="application/javascript" src="https://cdn.jsdelivr.net/npm/chartjs-adapter-luxon@latest/dist/chartjs-adapter-luxon.umd.min.js"></script>
- <script type="application/javascript" src="https://cdn.jsdelivr.net/npm/chartjs-plugin-streaming@latest"></script>
+ <script nonce="NONCE_PLACEHOLDER" type="application/javascript" src="https://cdn.jsdelivr.net/npm/chart.js/dist/chart.umd.min.js"></script>
+ <script nonce="NONCE_PLACEHOLDER" type="application/javascript" src="https://cdn.jsdelivr.net/npm/luxon@latest"></script>
+ <script nonce="NONCE_PLACEHOLDER" type="application/javascript" src="https://cdn.jsdelivr.net/npm/chartjs-adapter-luxon@latest/dist/chartjs-adapter-luxon.umd.min.js"></script>
+ <script nonce="NONCE_PLACEHOLDER" type="application/javascript" src="https://cdn.jsdelivr.net/npm/chartjs-plugin-streaming@latest"></script>
 <!-- UNPKG JS CDN FOR LATEST HIGHLIGHT.JS -->
- <script type="application/javascript" src="https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@latest/build/highlight.min.js"></script>
+ <script nonce="NONCE_PLACEHOLDER" type="application/javascript" src="https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@latest/build/highlight.min.js"></script>
 <!-- INITIALIZE HIGHLIGHT.JS -->
- <script defer type="application/javascript">hljs.highlightAll()</script>
+ <script nonce="NONCE_PLACEHOLDER" defer type="application/javascript">hljs.highlightAll()</script>
 <!-- UNPKG JS CDN FOR LATEST JQUERY -->
- <script type="application/javascript" src="https://cdn.jsdelivr.net/npm/jquery/dist/jquery.min.js"></script>
+ <script nonce="NONCE_PLACEHOLDER" type="application/javascript" src="https://cdn.jsdelivr.net/npm/jquery/dist/jquery.min.js"></script>
 <!-- GLOBAL FUNCTIONS -->
- <script defer type="application/javascript" src="<%= html.html_escape(pageinfo.wwwprefix..pageinfo.skin.."/"..posix.basename(pageinfo.skin)..".js") %>"></script>
+ <script nonce="NONCE_PLACEHOLDER" defer type="application/javascript" src="<%= html.html_escape(pageinfo.wwwprefix..pageinfo.skin.."/"..posix.basename(pageinfo.skin)..".js") %>"></script>
 <!-- HIDE LOGGON PAGE FOR AUTH USERS -->
- <script type="application/javascript"> let user = "<%= session.userinfo %>"; if ((user !== "nil") && (window.location.href.indexOf("logon/logon") > -1)) {window.location.href = '//' + window.location.hostname + '/cgi-bin/acf/acf-util/welcome/read'}</script>
+ <script nonce="NONCE_PLACEHOLDER" type="application/javascript"> let user = "<%= session.userinfo %>"; if ((user !== "nil") && (window.location.href.indexOf("logon/logon") > -1)) {window.location.href = '//' + window.location.hostname + '/cgi-bin/acf/acf-util/welcome/read'}</script>
 </head>
 <% end -- pageinfo.skinned %>
 <%
-- 
GitLab
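Review bot: The six jsDelivr `<script>` tags rewritten in this hunk receive a nonce but still load floating versions (`@latest`, or no version at all) with no `integrity` attribute, so the nonce vouches for whatever the CDN serves at request time. Pinning each URL to an exact version and adding `integrity="sha384-<HASH_PLACEHOLDER>" crossorigin="anonymous"` lets the browser reject content that differs from what was reviewed. Serving the files from the local `js/` prefix, as `health-networkstats-html.lsp` does, would remove the third-party dependency altogether. Separately, the last inline block interpolates `<%= session.userinfo %>` into a JavaScript string without escaping; what that value can contain is not visible here, and it is worth confirming now that the block is nonce-trusted.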