mirror of
https://framagit.org/hubzilla/core.git
synced 2026-06-21 00:52:33 -04:00
move trusted directory servers to security and implement in backend
This commit is contained in:
Mario Vavti
@@ -232,7 +232,7 @@ class Libzotdir {
|
||||
if (! $r)
|
||||
return;
|
||||
|
||||
$dir_trusted_hosts = get_directory_fallback_servers();
|
||||
$dir_trusted_hosts = array_merge(get_directory_fallback_servers(), get_config('system', 'trusted_directory_servers'));
|
||||
|
||||
foreach ($r as $rr) {
|
||||
if (! $rr['site_directory'])
|
||||
|
||||
@@ -56,6 +56,9 @@ class Security {
|
||||
$cs = ((x($_POST,'content_security')) ? True : False);
|
||||
set_config('system','content_security_policy',$cs);
|
||||
|
||||
$trusted_directory_servers = $this->trim_array_elems(explode("\n", $_POST['trusted_directory_servers']));
|
||||
set_config('system', 'trusted_directory_servers', $trusted_directory_servers);
|
||||
|
||||
goaway(z_root() . '/admin/security');
|
||||
}
|
||||
|
||||
@@ -83,6 +86,10 @@ class Security {
|
||||
$blackembeds = get_config('system','embed_deny');
|
||||
$blackembeds_str = ((is_array($blackembeds)) ? implode("\n",$blackembeds) : '');
|
||||
|
||||
$trusted_directory_servers = get_config('system', 'trusted_directory_servers');
|
||||
$trusted_directory_servers_str = ((is_array($trusted_directory_servers)) ? implode("\n", $trusted_directory_servers) : '');
|
||||
$is_dir = (intval(get_config('system', 'directory_mode', DIRECTORY_MODE_NORMAL)) !== DIRECTORY_MODE_NORMAL);
|
||||
|
||||
$embed_coop = intval(get_config('system','embed_coop'));
|
||||
|
||||
if((! $whiteembeds) && (! $blackembeds)) {
|
||||
@@ -115,6 +122,8 @@ class Security {
|
||||
'$thumbnail_security' => [ 'thumbnail_security', t("Allow SVG thumbnails in file browser"), get_config('system','thumbnail_security',0), t("WARNING: SVG images may contain malicious code.") ],
|
||||
'$inline_pdf' => [ 'inline_pdf', t("Allow embedded (inline) PDF files"), get_config('system','inline_pdf',0), '' ],
|
||||
|
||||
'$trusted_directory_servers' => (($is_dir) ? ['trusted_directory_servers', t('Additional trusted directory server URLs'), $trusted_directory_servers_str, t('Accept directory flags (spam, nsfw) from those servers. One per line like https://example.tld')] : ''),
|
||||
|
||||
// '$embed_coop' => array('embed_coop', t('Cooperative embed security'), $embed_coop, t('Enable to share embed security with other compatible sites/hubs')),
|
||||
|
||||
'$submit' => t('Submit')
|
||||
|
||||
@@ -60,7 +60,6 @@ class Site {
|
||||
}
|
||||
$mirror_frontpage = ((x($_POST,'mirror_frontpage')) ? intval(trim($_POST['mirror_frontpage'])) : 0);
|
||||
$directory_server = ((x($_POST,'directory_server')) ? trim($_POST['directory_server']) : '');
|
||||
$trusted_directory_servers = ((!empty($_POST['trusted_directory_servers'])) ? trim($_POST['trusted_directory_servers']) : '');
|
||||
$allowed_sites = ((x($_POST,'allowed_sites')) ? notags(trim($_POST['allowed_sites'])) : '');
|
||||
$force_publish = ((x($_POST,'publish_all')) ? True : False);
|
||||
$disable_discover_tab = ((x($_POST,'disable_discover_tab')) ? False : True);
|
||||
@@ -167,10 +166,6 @@ class Site {
|
||||
if($directory_server)
|
||||
set_config('system','directory_server',$directory_server);
|
||||
|
||||
if($trusted_directory_servers) {
|
||||
set_config('system', 'trusted_directory_servers', $trusted_directory_servers);
|
||||
}
|
||||
|
||||
if ($banner == '') {
|
||||
del_config('system', 'banner');
|
||||
} else {
|
||||
@@ -529,7 +524,6 @@ class Site {
|
||||
'$from_email_name' => [ 'from_email_name', t('Name of email sender for system generated email.'), get_config('system','from_email_name',\Zotlabs\Lib\System::get_site_name()),'' ],
|
||||
|
||||
'$directory_server' => (($dir_choices) ? array('directory_server', t("Directory Server URL"), get_config('system','directory_server'), t("Default directory server"), $dir_choices) : null),
|
||||
'$trusted_directory_servers' => ((!$dir_choices) ? ['trusted_directory_servers', t('Additional trusted directory server URLs'), get_config('system','trusted_directory_servers'), t('Accept directory flags (spam, nsfw) from those servers. One per line like https://example.tld')] : ''),
|
||||
|
||||
'$sse_enabled' => array('sse_enabled', t('Enable SSE Notifications'), get_config('system', 'sse_enabled', 0), t('If disabled, traditional polling will be used. Warning: this setting might not be suited for shared hosting')),
|
||||
|
||||
|
||||
@@ -27,6 +27,9 @@
|
||||
|
||||
{{include file="field_textarea.tpl" field=$embed_allow}}
|
||||
{{include file="field_textarea.tpl" field=$embed_deny}}
|
||||
{{if $trusted_directory_servers}}
|
||||
{{include file="field_textarea.tpl" field=$trusted_directory_servers}}
|
||||
{{/if}}
|
||||
|
||||
|
||||
<div class="admin-submit-wrapper">
|
||||
|
||||
@@ -24,9 +24,6 @@
|
||||
{{if $directory_server}}
|
||||
{{include file="field_select.tpl" field=$directory_server}}
|
||||
{{/if}}
|
||||
{{if $trusted_directory_servers}}
|
||||
{{include file="field_textarea.tpl" field=$trusted_directory_servers}}
|
||||
{{/if}}
|
||||
|
||||
<div class="submit">
|
||||
<input type="submit" name="page_site" class="btn btn-primary" value="{{$submit}}" />
|
||||
|
||||
Reference in New Issue
Block a user