7x31
/
nginxconfig.io
mirror of https://github.com/digitalocean/nginxconfig.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: styling

This commit is contained in:
Robert 2022-10-02 19:11:50 +03:00 committed by GitHub
parent e0db1ac498
commit 8935e9098b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 12 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/nginxconfig/generators/conf/security.conf.js
View File

@ -38,10 +38,7 @@ export default (domains, global) => {
config.push(['add_header Content-Security-Policy', `"${global.security.contentSecurityPolicy.computed}" always`]);
if (global.security.permissionsPolicy.computed)
config.push([
'add_header Permissions-Policy',
`"${global.security.permissionsPolicy.computed}" always`,
]);
config.push(['add_header Permissions-Policy', `"${global.security.permissionsPolicy.computed}" always`]);
// Every domain has HSTS enabled, and they all have same hstsSubdomains/hstsPreload settings
if (commonHsts(domains)) {

34
src/nginxconfig/templates/global_sections/security.vue
View File

@ -181,7 +181,6 @@ THE SOFTWARE.
import delegatedFromDefaults from '../../util/delegated_from_defaults';
import computedFromDefaults from '../../util/computed_from_defaults';
import PrettyCheck from '../inputs/checkbox';
const defaults = {
referrerPolicy: {
default: 'no-referrer-when-downgrade',
@ -198,8 +197,7 @@ THE SOFTWARE.
enabled: true,
},
contentSecurityPolicy: {
default:
'default-src \'self\' http: https: ws: wss: data: blob: \'unsafe-inline\'; frame-ancestors \'self\';',
default: 'default-src \'self\' http: https: ws: wss: data: blob: \'unsafe-inline\'; frame-ancestors \'self\';',
enabled: true,
},
permissionsPolicy: {
@ -222,37 +220,27 @@ THE SOFTWARE.
default: '~/security.txt',
enabled: true,
},
blockCommonExploits: {
default: false,
enabled: true,
},
};
export default {
name: 'GlobalSecurity', // Component name
display: 'templates.globalSections.security.security', // Display name for tab (i18n key)
key: 'security', // Key for data in parent
delegated: delegatedFromDefaults(defaults), // Data the parent will present here
name: 'GlobalSecurity', // Component name
display: 'templates.globalSections.security.security', // Display name for tab (i18n key)
key: 'security', // Key for data in parent
delegated: delegatedFromDefaults(defaults), // Data the parent will present here
components: {
PrettyCheck,
VueSelect,
},
props: {
data: Object, // Data delegated back to us from parent
data: Object, // Data delegated back to us from parent
},
computed: {
...computedFromDefaults(defaults, 'security'), // Getters & setters for the delegated data
...computedFromDefaults(defaults, 'security'), // Getters & setters for the delegated data
hasWordPress() {
return this.$parent.$parent.$data.domains.some(
d => d && d.php.wordPressRules.computed,
);
return this.$parent.$parent.$data.domains.some(d => d && d.php.wordPressRules.computed);
},
hasWordPressUnsafeEval() {
return (
this.$props.data.contentSecurityPolicy.computed.match(
/(default|script)-src[^;]+'self'[^;]+'unsafe-inline'[^;]+'unsafe-eval'[^;]*;/,
) !== null
);
return this.$props.data.contentSecurityPolicy.computed
.match(/(default|script)-src[^;]+'self'[^;]+'unsafe-inline'[^;]+'unsafe-eval'[^;]*;/) !== null;
},
hasWarnings() {
return this.hasWordPress && !this.hasWordPressUnsafeEval;
@ -271,4 +259,4 @@ THE SOFTWARE.
},
},
};
</script>
</script>