From e94a5e0a7aadb92fb7859596aa919a69812e178c Mon Sep 17 00:00:00 2001
From: Mike Manfredi <mike@fractally.com>
Date: Thu, 15 Feb 2024 00:21:58 +0000
Subject: [PATCH 1/4] Beginning of the changes that are needed to add header
 only when UI of an app is being requested

---
 services/system/ProxySys/src/ProxySys.cpp | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/services/system/ProxySys/src/ProxySys.cpp b/services/system/ProxySys/src/ProxySys.cpp
index 14bc5e62c..970c4cd34 100644
--- a/services/system/ProxySys/src/ProxySys.cpp
+++ b/services/system/ProxySys/src/ProxySys.cpp
@@ -83,6 +83,15 @@ namespace SystemService
       if (result && !result->headers.empty() && serviceName != "common-sys")
          abortMessage("service " + service.str() + " attempted to set an http header");
 
+      if (!result->headers["Content-Security-Policy"])
+         for (auto& header : result->headers)
+            if (header.name == "Content-Security-Policy" and
+                header.value == "frame-ancestors 'none';")
+
+               if ()
+                  result->headers.push_back(
+                      HttpHeader{"Content-Security-Policy", "frame-ancestors 'none';"});
+
       setRetval(result);
    }  // serve()
 

From 60cfd9deb8f15af322ed18ecbce073dc1bfab560 Mon Sep 17 00:00:00 2001
From: Mike Manfredi <mike@fractally.com>
Date: Fri, 16 Feb 2024 03:16:55 +0000
Subject: [PATCH 2/4] seems to have compiled

---
 .../psibase/common/include/psibase/Rpc.hpp      | 10 ++++++++++
 services/system/ProxySys/src/ProxySys.cpp       | 17 +++++++++--------
 2 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/libraries/psibase/common/include/psibase/Rpc.hpp b/libraries/psibase/common/include/psibase/Rpc.hpp
index 24d074bc2..c5fe30fd4 100644
--- a/libraries/psibase/common/include/psibase/Rpc.hpp
+++ b/libraries/psibase/common/include/psibase/Rpc.hpp
@@ -11,7 +11,17 @@ namespace psibase
    {
       std::string name;
       std::string value;
+
+      friend bool operator==(const HttpHeader& lhs, const HttpHeader& rhs)
+      {
+         return lhs.name == rhs.name && lhs.value == rhs.value;
+      }
    };
+
+   // bool operator==(const HttpHeader& lhs, const HttpHeader& rhs) {
+   // return lhs.name == rhs.name && lhs.value == rhs.value;
+   // }
+
    PSIO_REFLECT(HttpHeader, definitionWillNotChange(), name, value)
 
    // TODO: consider adding headers to this
diff --git a/services/system/ProxySys/src/ProxySys.cpp b/services/system/ProxySys/src/ProxySys.cpp
index 970c4cd34..f9152246a 100644
--- a/services/system/ProxySys/src/ProxySys.cpp
+++ b/services/system/ProxySys/src/ProxySys.cpp
@@ -83,14 +83,15 @@ namespace SystemService
       if (result && !result->headers.empty() && serviceName != "common-sys")
          abortMessage("service " + service.str() + " attempted to set an http header");
 
-      if (!result->headers["Content-Security-Policy"])
-         for (auto& header : result->headers)
-            if (header.name == "Content-Security-Policy" and
-                header.value == "frame-ancestors 'none';")
-
-               if ()
-                  result->headers.push_back(
-                      HttpHeader{"Content-Security-Policy", "frame-ancestors 'none';"});
+      // bool operator==(const HttpHeader& lhs, const HttpHeader& rhs)
+      // {
+      //    return lhs.name == rhs.name && lhs.value == rhs.value;
+      // }
+      HttpHeader frameAncestorHeader = {"Content-Security-Policy", "frame-ancestors 'none';"};
+      // Check if the target header is already in the vector; if the header was not found, add it
+      auto pos = std::find(result->headers.begin(), result->headers.end(), frameAncestorHeader);
+      if (pos == result->headers.end())
+         result->headers.push_back(frameAncestorHeader);
 
       setRetval(result);
    }  // serve()

From 207a87fa0f89e590b864c95812b4c95e5a2f1f14 Mon Sep 17 00:00:00 2001
From: Mike Manfredi <mike@fractally.com>
Date: Fri, 16 Feb 2024 17:27:41 +0000
Subject: [PATCH 3/4] debugged and working

---
 services/system/ProxySys/src/ProxySys.cpp | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/services/system/ProxySys/src/ProxySys.cpp b/services/system/ProxySys/src/ProxySys.cpp
index f9152246a..523e012bf 100644
--- a/services/system/ProxySys/src/ProxySys.cpp
+++ b/services/system/ProxySys/src/ProxySys.cpp
@@ -79,19 +79,21 @@ namespace SystemService
       // TODO: avoid repacking (both directions)
       psibase::Actor<ServerInterface> iface(act.service, service);
 
-      auto result = iface.serveSys(std::move(req));
+      auto reqTarget = req.target;
+      auto result    = iface.serveSys(std::move(req));
       if (result && !result->headers.empty() && serviceName != "common-sys")
          abortMessage("service " + service.str() + " attempted to set an http header");
 
-      // bool operator==(const HttpHeader& lhs, const HttpHeader& rhs)
-      // {
-      //    return lhs.name == rhs.name && lhs.value == rhs.value;
-      // }
-      HttpHeader frameAncestorHeader = {"Content-Security-Policy", "frame-ancestors 'none';"};
-      // Check if the target header is already in the vector; if the header was not found, add it
-      auto pos = std::find(result->headers.begin(), result->headers.end(), frameAncestorHeader);
-      if (pos == result->headers.end())
-         result->headers.push_back(frameAncestorHeader);
+      if (reqTarget.size() == 0 || reqTarget.starts_with("/index.html"))
+      {
+         // Check if the target header is already in the vector; if the header was not found, add it
+         HttpHeader frameAncestorHeader = {"Content-Security-Policy", "frame-ancestors 'none';"};
+         auto pos = std::find(result->headers.begin(), result->headers.end(), frameAncestorHeader);
+         if (pos == result->headers.end())
+         {
+            result->headers.push_back(frameAncestorHeader);
+         }
+      }
 
       setRetval(result);
    }  // serve()

From 6f824ea1dc170e38c7f456f21f5d9b10376711dd Mon Sep 17 00:00:00 2001
From: Mike Manfredi <mike@fractally.com>
Date: Fri, 16 Feb 2024 17:29:57 +0000
Subject: [PATCH 4/4] cleaning up PR

---
 libraries/psibase/common/include/psibase/Rpc.hpp | 4 ----
 services/system/ProxySys/src/ProxySys.cpp        | 3 ++-
 2 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/libraries/psibase/common/include/psibase/Rpc.hpp b/libraries/psibase/common/include/psibase/Rpc.hpp
index c5fe30fd4..9cbfdce6c 100644
--- a/libraries/psibase/common/include/psibase/Rpc.hpp
+++ b/libraries/psibase/common/include/psibase/Rpc.hpp
@@ -18,10 +18,6 @@ namespace psibase
       }
    };
 
-   // bool operator==(const HttpHeader& lhs, const HttpHeader& rhs) {
-   // return lhs.name == rhs.name && lhs.value == rhs.value;
-   // }
-
    PSIO_REFLECT(HttpHeader, definitionWillNotChange(), name, value)
 
    // TODO: consider adding headers to this
diff --git a/services/system/ProxySys/src/ProxySys.cpp b/services/system/ProxySys/src/ProxySys.cpp
index 523e012bf..5d58f0769 100644
--- a/services/system/ProxySys/src/ProxySys.cpp
+++ b/services/system/ProxySys/src/ProxySys.cpp
@@ -80,7 +80,8 @@ namespace SystemService
       psibase::Actor<ServerInterface> iface(act.service, service);
 
       auto reqTarget = req.target;
-      auto result    = iface.serveSys(std::move(req));
+
+      auto result = iface.serveSys(std::move(req));
       if (result && !result->headers.empty() && serviceName != "common-sys")
          abortMessage("service " + service.str() + " attempted to set an http header");