Add warning for wordpress CSP unsafe-eval (fixes #144)

pull/111/head
MattIPv4 5 years ago
parent 594e307d2a
commit 9465e8a2fb

@ -14,6 +14,9 @@ See the License for the specific language governing permissions and
limitations under the License. limitations under the License.
*/ */
import common from '../../common';
export default { export default {
whenUsingWordPressUnsafeEvalIsOftenRequiredToAllowFunctionality: `When using ${common.wordPress}, <code class="slim">'unsafe-eval'</code> is often required in the Content Security Policy to allow the admin panel to function correctly.`,
security: 'Security', security: 'Security',
}; };

@ -32,7 +32,7 @@ limitations under the License.
</div> </div>
</div> </div>
<div class="field is-horizontal"> <div :class="`field is-horizontal${hasWordPress && !hasUnsafeEval ? ' is-aligned-top' : ''}`">
<div class="field-label"> <div class="field-label">
<label class="label">Content-Security-Policy</label> <label class="label">Content-Security-Policy</label>
</div> </div>
@ -45,6 +45,14 @@ limitations under the License.
:placeholder="$props.data.contentSecurityPolicy.default" :placeholder="$props.data.contentSecurityPolicy.default"
/> />
</div> </div>
<template v-if="hasWordPress && !hasUnsafeEval">
<br />
<div class="message is-warning">
<div class="message-body"
v-html="i18n.templates.globalSections.security.whenUsingWordPressUnsafeEvalIsOftenRequiredToAllowFunctionality"
></div>
</div>
</template>
</div> </div>
</div> </div>
</div> </div>
@ -140,7 +148,15 @@ limitations under the License.
i18n, i18n,
}; };
}, },
computed: computedFromDefaults(defaults, 'security'), // Getters & setters for the delegated data computed: {
...computedFromDefaults(defaults, 'security'), // Getters & setters for the delegated data
hasWordPress() {
return this.$parent.$parent.$data.domains.some(d => d.php.wordPressRules.computed);
},
hasUnsafeEval() {
return this.$props.data.contentSecurityPolicy.computed.includes('\'unsafe-eval\'');
},
},
watch: { watch: {
// Check referrer policy selection is valid // Check referrer policy selection is valid
'$props.data.referrerPolicy': { '$props.data.referrerPolicy': {

Loading…
Cancel
Save