better url set up
ThomasJanda committed May 29, 2020
1 parent 88ce864 commit c8711ff
Showing 5 changed files with 144 additions and 9 deletions.
15 changes: 15 additions & 0 deletions Application/views/admin/de/security_lang.php
Expand Up @@ -27,6 +27,21 @@
'SHOP_MODULE_rs-security_Content-Security-Policy_12' => "Part 12",
'SHOP_MODULE_rs-security_Content-Security-Policy_13' => "Part 13",
'SHOP_MODULE_rs-security_Content-Security-Policy_14' => "Part 14",

'SHOP_MODULE_rs-security_Content-Security-Policy_01_domains' => "Part 1 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_02_domains' => "Part 2 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_03_domains' => "Part 3 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_04_domains' => "Part 4 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_05_domains' => "Part 5 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_06_domains' => "Part 6 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_07_domains' => "Part 7 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_08_domains' => "Part 8 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_09_domains' => "Part 9 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_10_domains' => "Part 10 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_11_domains' => "Part 11 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_12_domains' => "Part 12 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_13_domains' => "Part 13 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_14_domains' => "Part 14 (domains, one per line)",

'SHOP_MODULE_GROUP_rs-security_X-Content-Type-Options' => 'Header X-Content-Type-Options',
'SHOP_MODULE_rs-security_X-Content-Type-Options_enabled' => 'Enabled?',
14 changes: 14 additions & 0 deletions Application/views/admin/en/security_lang.php
Expand Up @@ -24,6 +24,20 @@
'SHOP_MODULE_rs-security_Content-Security-Policy_12' => "Part 12",
'SHOP_MODULE_rs-security_Content-Security-Policy_13' => "Part 13",
'SHOP_MODULE_rs-security_Content-Security-Policy_14' => "Part 14",
'SHOP_MODULE_rs-security_Content-Security-Policy_01_domains' => "Part 1 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_02_domains' => "Part 2 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_03_domains' => "Part 3 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_04_domains' => "Part 4 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_05_domains' => "Part 5 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_06_domains' => "Part 6 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_07_domains' => "Part 7 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_08_domains' => "Part 8 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_09_domains' => "Part 9 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_10_domains' => "Part 10 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_11_domains' => "Part 11 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_12_domains' => "Part 12 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_13_domains' => "Part 13 (domains, one per line)",
'SHOP_MODULE_rs-security_Content-Security-Policy_14_domains' => "Part 14 (domains, one per line)",
'SHOP_MODULE_GROUP_rs-security_X-Content-Type-Options' => 'Header X-Content-Type-Options',
'SHOP_MODULE_rs-security_X-Content-Type-Options_enabled' => 'Enabled?',
'SHOP_MODULE_rs-security_X-Content-Type-Options' => 'Default: nosniff',
6 changes: 5 additions & 1 deletion Core/Output.php
Expand Up @@ -45,9 +45,13 @@ public function sendHeaders()
for($x=1;$x<15;$x++)
{
$sValue = 'rs-security_'.$sHeader.'_'.str_pad($x,2,'0',STR_PAD_LEFT);
$sValueDomains = 'rs-security_'.$sHeader.'_'.str_pad($x,2,'0',STR_PAD_LEFT)."_domains";
$sValue = trim($oConfig->getConfigParam($sValue));
$aValueDomains = $oConfig->getConfigParam($sValueDomains);
if($sValue && $sValue!=="")
$aValues[]=$sValue;
{
$aValues[]=$sValue." ".implode(" ",$aValueDomains);
}
}
if(!empty($aValues))
{
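Review bot: `implode(" ",$aValueDomains)` on the new `$aValues[]` line assumes `getConfigParam()` for the `_domains` key always returns an array; if that parameter has never been saved it may come back null, which is a TypeError on PHP 8 and a warning before, and when the list is empty the directive is emitted with a trailing space. The entries are also concatenated verbatim, so an admin-entered value containing `;` would be sent as-is and could terminate the directive and start a different one in the policy that protects every page; the sources deserve a cast, a split on whitespace and a rejection of anything containing `;` before they are joined. The `$sValue && $sValue!==""` test is redundant after `trim()`; `$sValue !== ''` is enough. `sendHeaders()` starts before and ends after this hunk.
```php
$sValue = trim((string) $oConfig->getConfigParam($sValue));
$aValueDomains = (array) $oConfig->getConfigParam($sValueDomains);
// entries may hold several space-separated sources: split them, drop blanks,
// and refuse anything with ';' that would terminate the CSP directive
$aValueDomains = array_filter(
    preg_split('/\s+/', implode(' ', $aValueDomains)),
    function ($sSource) { return $sSource !== '' && strpos($sSource, ';') === false; }
);
if ($sValue !== '') {
    $aValues[] = trim($sValue . ' ' . implode(' ', $aValueDomains));
}
// … unchanged: empty($aValues) check and header output …
```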
2 changes: 1 addition & 1 deletion Core/UtilsServer.php
Expand Up @@ -8,7 +8,7 @@ class UtilsServer extends UtilsServer_parent
protected function _rs_security__getCookieSameSite()
{
$oConfig = $this->getConfig();
if (!$this->_rs_security__isSecure()) return "";
//if (!$this->_rs_security__isSecure()) return "";

$sSameSite = "";
if ((bool) $oConfig->getConfigParam('rs-security_cookie_SameSite_enabled',
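Review bot: Commenting out the `_rs_security__isSecure()` guard lets the SameSite attribute be emitted on plain-HTTP responses too; if the configured value can be `None`, current browsers require `Secure` alongside it and will drop the cookie, so whatever `$sSameSite` is built from below the hunk should fall back to `Lax` (or to returning `""`) when the request is not secure. If the guard is meant to go, delete the line rather than keeping commented-out code, and record the reason, e.g. `// SameSite is sent on http as well; None still needs Secure and must be downgraded below`. The method continues past the end of this hunk, so I cannot see how the `rs-security_cookie_SameSite_enabled` branch assigns the value.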
116 changes: 109 additions & 7 deletions metadata.php
Expand Up @@ -49,85 +49,187 @@
'type' => 'str',
'value' => "default-src 'self' https:",
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_01_domains',
'type' => 'arr',
'value' => [],
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_02',
'type' => 'str',
'value' => "object-src 'none'",
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_02_domains',
'type' => 'arr',
'value' => [],
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_03',
'type' => 'str',
'value' => "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com",
'value' => "style-src 'self' 'unsafe-inline'",
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_03_domains',
'type' => 'arr',
'value' => [
'https://fonts.googleapis.com'
],
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_04',
'type' => 'str',
'value' => "font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com",
'value' => "font-src 'self' data:",
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_04_domains',
'type' => 'arr',
'value' => [
'https://fonts.googleapis.com',
'https://fonts.gstatic.com'
],
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_05',
'type' => 'str',
'value' => "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.paypal.com/paymentwall/payment-selection https://www.paypalobjects.com https://www.google-analytics.com",
'value' => "script-src 'self' 'unsafe-inline' 'unsafe-eval'",
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_05_domains',
'type' => 'arr',
'value' => [
'https://www.paypal.com/paymentwall/payment-selection',
'https://www.paypalobjects.com https://www.google-analytics.com'
],
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_06',
'type' => 'str',
'value' => "img-src 'self' data: https://www.google.com https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net",
'value' => "img-src 'self' data:",
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_06_domains',
'type' => 'arr',
'value' => [
'https://www.google.com',
'https://www.google-analytics.com',
'www.google-analytics.com',
'https://stats.g.doubleclick.net'
],
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_07',
'type' => 'str',
'value' => "connect-src 'self' https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net",
'value' => "connect-src 'self'",
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_07_domains',
'type' => 'arr',
'value' => [
'https://www.google-analytics.com',
'www.google-analytics.com',
'https://stats.g.doubleclick.net'
],
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_08',
'type' => 'str',
'value' => "frame-ancestors 'self'",
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_08_domains',
'type' => 'arr',
'value' => [],
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_09',
'type' => 'str',
'value' => "form-action 'self' https://www.paypal.com/paymentwall/payment-selection",
'value' => "form-action 'self'",
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_09_domains',
'type' => 'arr',
'value' => [
'https://www.paypal.com/paymentwall/payment-selection'
],
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_10',
'type' => 'str',
'value' => "base-uri 'self'",
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_10_domains',
'type' => 'arr',
'value' => [],
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_11',
'type' => 'str',
'value' => "",
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_11_domains',
'type' => 'arr',
'value' => [],
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_12',
'type' => 'str',
'value' => "",
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_12_domains',
'type' => 'arr',
'value' => [],
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_13',
'type' => 'str',
'value' => "",
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_13_domains',
'type' => 'arr',
'value' => [],
),
array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_14',
'type' => 'str',
'value' => "",
),

array(
'group' => 'rs-security_Content-Security-Policy',
'name' => 'rs-security_Content-Security-Policy_14_domains',
'type' => 'arr',
'value' => [],
),
/* ----- */
array(
'group' => 'rs-security_X-Content-Type-Options',
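Review bot: The `_05_domains` default packs two sources into one array entry (`'https://www.paypalobjects.com https://www.google-analytics.com'`), which contradicts the "one per line" label added in the language files and only works because `Output.php` happens to join entries with a space; it should be two entries, `'https://www.paypalobjects.com',` and `'https://www.google-analytics.com'`. The scheme-less `'www.google-analytics.com'` entries in `_06_domains` and `_07_domains` duplicate the `https://` entries next to them; under CSP a host source without a scheme also matches `http:` on a plain-HTTP page, so they only widen the policy and can be dropped. The `script-src` default still carries `'unsafe-inline' 'unsafe-eval'`, which this commit does not change but which leaves the policy with little protection against injected scripts; a comment in the metadata marking it as a compatibility default that shops should tighten would help whoever reads these settings next.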
