| Message ID | a4e7188d-0d34-bd62-20b5-3e4cd7b015ff@link38.eu |
|---|---|
| State | Superseded |
| Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.i.ipfire.org (Postfix) with ESMTP id D53F360741 for <patchwork@web02.i.ipfire.org>; Sat, 30 Jun 2018 09:56:49 +0200 (CEST) Received: from mail01.i.ipfire.org (localhost [127.0.0.1]) by mail01.ipfire.org (Postfix) with ESMTP id ABF3510D0005; Sat, 30 Jun 2018 08:56:48 +0100 (BST) Received: from mx-nbg.link38.eu (mx-nbg.link38.eu [37.120.167.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx-nbg.link38.eu", Issuer "Let's Encrypt Authority X3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id E5DD7109370C for <development@lists.ipfire.org>; Sat, 30 Jun 2018 08:56:45 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=link38.eu; s=201803; t=1530345405; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=5cZ1ydV+G1Gn1jkj+rP2qyLAO7OMRnPvAL1dGEbZw4I=; b=4KfYLE6Igje6rksZl5DwiB5X5Sbpdy9hIU/jN+4vK2Pngtp6awDp3GkXWigR+gbiXDlzvs g3dNDYjuYawFFyxPfKTRZsRA9srpXG1uixT5XHIMKjAXY7LsLIdwzCmucZDn6jE4dTAmpR nDHzoYuYJmSr1+Fbmq7hza47oGS5Hh8TElbB6WibbB8u9ZurcTMDCYKtkKS+JUEJ+CidzV z1HQ3CZ1baqlTxsrgNHGRaekMgEeyNoUAbciD1ET+/pw9XeGePZsfumJRXd1/mOiLOr0eM Mg6iqdkE3/GrszTdtmX1pXedZgQCjuZyjp+iGseq1d0MIm30/6PfDe8oKMo01w== To: Michael Tremer <michael.tremer@ipfire.org> References: <51c2a554-d56a-0764-7240-5f3de90bce5a@link38.eu> <f41f15096114ae1aa855d11d9284d20603987df0.camel@ipfire.org> <a8c2878f-9dd8-d8d7-5151-1bc2506038ee@link38.eu> <1f699226602f2451fdd1651b19a1f70417cf4342.camel@ipfire.org> From: =?utf-8?q?Peter_M=C3=BCller?= <peter.mueller@link38.eu> Openpgp: preference=signencrypt Autocrypt: addr=peter.mueller@link38.eu; prefer-encrypt=mutual; keydata= xsFNBFrlh/UBEADDNM0LnM9+1NhjgfIz7Ww9Hlx6egK75TJoVa/S9gjI+3DeXn7hsj7vZnQz qSXMhSauU7k4g+F+MmOJP2HRIl0lEo/JNrpAqrAseSnbJp4eq8OTyAL6+Z3SVNJNbcRDOHmw jb/GR8ncURcgYDYV+oCs4csrghtBnm4cWaD/RW10zlB4nQsqQ5G3jzY9aIM+NKRHSAZEbXBZ W6pyDcGRMkwSFTHXpjtFDZ6mVEMxi1nv2W8PMU+uGbs3ud4gzPZ0tT5ICR8bp71qpua4r4RQ o6rB/suiPOptOE5/rk8FiW3ho0y1xDu7bRx8UzdLS9cYCVeSvf9n9YZ6RGOH9O7dS23zfTkS 8iqYol1PmVZrNtpsWBCq4HzFtRJPs6gykFNfj2sVQXU3RHHf2ui0OKm3R0olhLVbKSw2qSPM ajP1vBuVLEMSJmucxlJQ72Im/afnOz3LlNt+/FOB0zneoKGvPpPGSP/Fr5FJYED6/l1DZl2W 8Wb76xq3HGfETHW9kwwqbbQefMu6LNQIw9CnTpSk/R9mt7AnIrKCjxfclLDfz6VBJ0grRDDF PBEVBrj7uZM0UCl/dUX0adjDxBfma/UJZcBlDVX61+41vsX6w094sveKaNdqybAIxqGnhRUq kCHm5P/IYOZrtkao/TsRIW508MJBGmxoUl2qqCj7tXtNy2tiUQARAQABzSdQZXRlciBNw7xs bGVyIDxwZXRlci5tdWVsbGVyQGxpbmszOC5ldT7CwX8EEwECACkFAlrlh/UCGyMFCQlmAYAH CwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRDZSPIPfXufaDlVD/0elAwSohcC4T5jFtPt hZ1+jU9t46pwBhQ8ohKpo4/wAuVBg5B0FYb0gegcSicYWsNkhTtCjUhExMilLKTaJir5l+3V B/rU/WG7NgLYqmYsGlgHPXdLZAbOMU/0atONFYos1UZnRGmPfhLwRw3g5TBaKrfqaFBzRABE W0R+XuRoXy9ho+lNP5g0Sa+SxtOeBpLQxppObk5WLUqDKxrvHhStgM3PrJASKujsJiw19IUg ws0q+WezH8LPQd3Vc8DP56sl1/h8w2Xklsdxj1NEcO7OIrrKSNIRGyqgqvtmDi6dxh1suGUW Par/VhB+P+u0yVy8H1lZ4SFUsZJFPwHNFSN41USmT/uHf9Z7K1+qXm4zpyexrDQ+ojuXxnB1 y97cHYcYaCZ2Bo+deljXng1NF0I3CdIdhPfLv7FHRBoBw1xs0qJjUfTfSAZsYD0H/jl76bRx 4s8rrECqM7pMnE4aLiP4m6gKJKooH8QAQsmGRYAI8gG/BIHPHZUpZ8J2jRnj6GQ1MpEdcnLE Q0N7QMayDoPq177es7tey5vzofq3bDGW/O9yqUWiz3e7uaGSQnYoRGm2oCCTojvGt37yS0H8 v+ms2fokPNt8UDmpZoLFFPXDwVcnL/KBkPY665xchatKpBOtJ3lRnXdlyRJW1gGda9G5mGFn xLcWumkZ12YKmtixuM7BTQRa5Yf1ARAA4UCkVBvQhks9lApBxvfZ8ekWrticMooBkegL+KQT TPWQHTgdwkFzSneaRq0vFFcgKxmXA54OmT58y0tf09hUvTGK4COs5GTZKP/SYSWZM6xOQqaT 37fros/ma4iSS+IJw/eDh7bWKM5gllz0EuoewaTveGDWeucf7V36mRUPG47GsNk/PgCRsO5Y SLlpfT/3xH02aRnUmWjzHCkJ9EV388cIWaYo9kP4q9rbcl3IyHP0t78XpIIWH6+o/I0FgzwL GJBdJ0eAE3PNIRGYu8nqYlJ+TIpcIrEPitma6nZtiWAITRO2XDb/2o05tUlEbmlN6dUOqM7X Jvj/Z9KkYNgvYNbHXqXJ+j5gzcq0DR7DtDSDnd1WDrYivQMGBDnZR2YfFjBEsmeArdmDTZqY aqYhBN3iMCI9cErZgik6Niz6jrqBMK98geB04vrqZUYprh7zXgPu0A/EwTIJuZ+GGeEKwMVL pBc2NGxUb/kt8nr1JHAnSludD78EW6QVdpcgO4DhHxzhdDk/L8yE53b5UdvXwad5N4T1QS/Y kk80nByinD4vaIIHti9nOvLQJAro1p997YnVeY0wQ2x14Qw1rqeCOeKqB8PxmHvSK6b+nXLg Dv7HuFLovIeQd/IimGLXBDW4Bkn60HApJ5KcX+GwHp5XqPRKPmtjfMsETZn1ESjyc3sAEQEA AcLBZQQYAQIADwUCWuWH9QIbDAUJCWYBgAAKCRDZSPIPfXufaBRaEACMS5Q1BY/O5o+Vn8lD uMUczEVk/8j07gi1EV2ffutwZ5eYrKvXkuoMPEBb7SWqPUKqpTbw1pNjUf5002c2xm2r/OSZ oQMRWDztht+EMhjy0qkixMV+TvS6DcFPb8sd+KOoIBD08EBVUxpeNhAFxaRjGEDboJUwtDAd EDUJts5HnXvBqEcnkOfkwDSUWf9epa1mbyO1sO5NnMtxQY6paB2UGQPNE5/J3eo4f5s4wrxR AaM6OCCOtJxs4u0svmOCwd0D8LQ6higBq+EFesc57ZpG3pkNokrROFWRpx6OpQJUnYi5lWm8 +4xF99QfI9mHIz+jrnPcsfAiKdXb8QkeaDkR7bIU269wwKupfN6bHsKFtOnx7AhMLUddzTHA hTe8cov/tnn5xPvSZhpfknOBx+mffNQBsCETuCxPMqtDN5xFuwBxw4ZKZpKYFk/FUl6As1z4 LY2tNXb/JI58fGiLreunuvxsEkb97hmly1e19IPOTJzawB/aKRQNpIkoE11UBhKyc+kwIfVo ZCTlp+3hpBFqxEjRReSQUKKb9hA4yP3j90Fb353JbNKf9+Y3UtFPJb67koDOGtbJsk19bzPE zO0j/ek+eXxTIf5NxURVuzY6yvg57ZzW7T/tApT/LLfMEmuYz/LiijgON0uTOSp8KflwAt8m eNtEia+FigGVqn+PSQ== Subject: [PATCH v2] embed background image in redirect template Message-ID: <a4e7188d-0d34-bd62-20b5-3e4cd7b015ff@link38.eu> Date: Sat, 30 Jun 2018 09:56:28 +0200 MIME-Version: 1.0 In-Reply-To: <1f699226602f2451fdd1651b19a1f70417cf4342.camel@ipfire.org> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="r0uGrPFIchuLX898oTDL6SvAqEkmDF9op" Authentication-Results: mail01.ipfire.org; dkim=pass header.d=link38.eu; dmarc=pass (policy=none) header.from=link38.eu; spf=pass smtp.mailfrom=peter.mueller@link38.eu X-Spamd-Result: default: False [-14.63 / 11.00]; DKIM_TRACE(0.00)[link38.eu:+]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_ALLOW(-0.20)[link38.eu]; HAS_ATTACHMENT(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; MX_GOOD(-0.01)[cached: mx-nbg.link38.eu]; IP_SCORE(-3.78)[ip: (-9.91), ipnet: 37.120.160.0/19(-4.96), asn: 197540(-3.96), country: DE(-0.09)]; RCVD_IN_DNSWL_MED(-2.00)[53.167.120.37.list.dnswl.org : 127.0.6.2]; R_SPF_ALLOW(-0.20)[+ip4:37.120.167.53]; BAYES_HAM(-3.00)[100.00%]; SIGNED_PGP(-2.00)[]; ARC_NA(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; MIME_GOOD(-0.20)[multipart/signed,multipart/mixed,text/plain]; TO_DN_ALL(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_COUNT_ZERO(0.00)[0]; HAS_DATA_URI(0.00)[]; DMARC_POLICY_ALLOW(-0.25)[link38.eu,none]; FROM_HAS_DN(0.00)[]; ASN(0.00)[asn:197540, ipnet:37.120.160.0/19, country:DE]; NEURAL_HAM(-2.99)[-0.997,0] X-Spam-Status: No, score=-14.63 X-Rspamd-Server: mail01.i.ipfire.org Cc: IPFire Developer Mailingliste <development@lists.ipfire.org> X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <https://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
| Series |
[v2] embed background image in redirect template
|
|
Commit Message
Peter Müller
June 30, 2018, 5:56 p.m. UTC
Embed the IPFire background image into the redirect template
directly via CSS instead of loading it from somewhere else.
This is necessary because of Content Security Policy (CSP) and
fixes #11650.
This patch inserts the base64 encoded image during build so
nothing needs to be updated twice in case background image
changes.
Signed-off-by: Peter Müller <peter.mueller@link38.eu>
---
html/html/redirect-templates/legacy/template.html | 7 ++++++-
lfs/web-user-interface | 4 ++++
2 files changed, 10 insertions(+), 1 deletion(-)
Comments
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hey, On Sat, 2018-06-30 at 09:56 +0200, Peter Müller wrote: > Embed the IPFire background image into the redirect template > directly via CSS instead of loading it from somewhere else. > This is necessary because of Content Security Policy (CSP) and > fixes #11650. > > This patch inserts the base64 encoded image during build so > nothing needs to be updated twice in case background image > changes. > > Signed-off-by: Peter Müller <peter.mueller@link38.eu> > --- > html/html/redirect-templates/legacy/template.html | 7 ++++++- > lfs/web-user-interface | 4 ++++ > 2 files changed, 10 insertions(+), 1 deletion(-) > > diff --git a/html/html/redirect-templates/legacy/template.html > b/html/html/redirect-templates/legacy/template.html > index b5fb61ebe..297561e3a 100644 > --- a/html/html/redirect-templates/legacy/template.html > +++ b/html/html/redirect-templates/legacy/template.html > @@ -3,11 +3,16 @@ > <head> > <meta http-equiv="Content-Type" content="text/html; > charset=utf-8"> > <title>ACCESS MESSAGE</title> > + <style content="text/css"> > + td.image { > + background-image: > url(data:image/gif;base64,IMAGEDATAPLACEHOLDER); > + } > + </style> > </head> > <body> > <table width="100%" height='100%' border="0"> > <tr> > - <td colspan='3' width='100%' height='130' > align="center" background="<TMPL_VAR NAME="ADDRESS">/images/background.gif"> > + <td colspan='3' width='100%' height='152px' > align="center" class="image"> </td> > <tr> > <td width='10%'> > <td align='center' bgcolor='#CC000000' > width='80%'> > diff --git a/lfs/web-user-interface b/lfs/web-user-interface > index 0c5688252..b023cbd86 100644 > --- a/lfs/web-user-interface > +++ b/lfs/web-user-interface > @@ -50,6 +50,10 @@ md5: > $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) > @$(PREBUILD) > > + # Add base64 encoded background image to Squid content access page > + basedata="$( base64 $(DIR_SRC)/html/html/images/background.gif )" > + sed -i "s/IMAGEDATAPLACEHOLDER/${basedata}/g" > $(DIR_SRC)/html/html/redirect-templates/legacy/template.html Did you actually test this? > + > # Copy all html/cgi-bin files > mkdir -p /srv/web/ipfire/{cgi-bin,html} > mkdir -p /var/updatecache/{download,metadata} - -Michael -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE5/rW5l3GGe2ypktxgHnw/2+QCQcFAls3wIYACgkQgHnw/2+Q CQfpaw//VCZM16cmPJ9ZwhVfdaXUiTwaca6Oimzv8B6FZqsjGsom+NQPoSsel9b3 BuelVGkjz9pEhMXEh+tgN2bxhSTMQCEh0CTAdQjyTqtMquG/5RzAml9d17X18qGI 7InODwfXpivUwdog+A+cEI9WAXNfCaf48Np+Ncn0ouBfw7vll4BlnKIzq+5FDm47 3eB3vj28wUeW5dR+1sBh+hIIfmm8CNu2f7QPKepU1YwmILp06EJmiM7uiwxoIAyP LcW3eHbpHkuy/3JzGw1NmqCZ7L8tZsvokIbliB5n7EuRy0/FBPSNNrOjAkaJ5Ias bMVQD0do4SckT7qgJaGeel8+CrhQPo8x2ZrXoUkp1ThEotpx2uPK3NES21l1MW4p F2wYOEb4ujOrRoOUohDKUcLp37a1YKetQfJH8TAvZ9lyMEXZKPueAhyLJLcGSyOa QVI4RKnQ5F4gmYMQCwjV0ktA9EXYZirIZF58w2o9sAAnrl1wwjUVrzeeQWl8/mWp tRJkfmT6o1EgLEbdl/b6K07DX+ARaYSCxHs9pvJsiv84xP+DCkkpu3aUTWSx5ZBQ n0vBmRjkMkBE9KqZxZboWiPgJdXOBSKBRWP+DRqQed/tG9wIFOBT8kqxxpvumF3w CBjzT1L2TNiFksmAJvinRHg+KtI7ewHZHEbRJ3h7lKvZgRaJXgc= =PIh0 -----END PGP SIGNATURE-----
Hello Michael, yes, I built IPfire 2.x yesterday, and the image data were included into /srv/web/ipfire/html/redirect-templates/legacy/template.html . Is there anything wrong with this patch? Best regards, Peter Müller > Hey, > > On Sat, 2018-06-30 at 09:56 +0200, Peter Müller wrote: >> Embed the IPFire background image into the redirect template >> directly via CSS instead of loading it from somewhere else. >> This is necessary because of Content Security Policy (CSP) and >> fixes #11650. > >> This patch inserts the base64 encoded image during build so >> nothing needs to be updated twice in case background image >> changes. > >> Signed-off-by: Peter Müller <peter.mueller@link38.eu> >> --- >> html/html/redirect-templates/legacy/template.html | 7 ++++++- >> lfs/web-user-interface | 4 ++++ >> 2 files changed, 10 insertions(+), 1 deletion(-) > >> diff --git a/html/html/redirect-templates/legacy/template.html >> b/html/html/redirect-templates/legacy/template.html >> index b5fb61ebe..297561e3a 100644 >> --- a/html/html/redirect-templates/legacy/template.html >> +++ b/html/html/redirect-templates/legacy/template.html >> @@ -3,11 +3,16 @@ >> <head> >> <meta http-equiv="Content-Type" content="text/html; >> charset=utf-8"> >> <title>ACCESS MESSAGE</title> >> + <style content="text/css"> >> + td.image { >> + background-image: >> url(data:image/gif;base64,IMAGEDATAPLACEHOLDER); >> + } >> + </style> >> </head> >> <body> >> <table width="100%" height='100%' border="0"> >> <tr> >> - <td colspan='3' width='100%' height='130' >> align="center" background="<TMPL_VAR NAME="ADDRESS">/images/background.gif"> >> + <td colspan='3' width='100%' height='152px' >> align="center" class="image"> </td> >> <tr> >> <td width='10%'> >> <td align='center' bgcolor='#CC000000' >> width='80%'> >> diff --git a/lfs/web-user-interface b/lfs/web-user-interface >> index 0c5688252..b023cbd86 100644 >> --- a/lfs/web-user-interface >> +++ b/lfs/web-user-interface >> @@ -50,6 +50,10 @@ md5: >> $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >> @$(PREBUILD) > >> + # Add base64 encoded background image to Squid content access page >> + basedata="$( base64 $(DIR_SRC)/html/html/images/background.gif )" >> + sed -i "s/IMAGEDATAPLACEHOLDER/${basedata}/g" >> $(DIR_SRC)/html/html/redirect-templates/legacy/template.html > > Did you actually test this? > >> + >> # Copy all html/cgi-bin files >> mkdir -p /srv/web/ipfire/{cgi-bin,html} >> mkdir -p /var/updatecache/{download,metadata} > > -Michael >
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi, On Sun, 2018-07-01 at 07:49 +0200, Peter Müller wrote: > Hello Michael, > > yes, I built IPfire 2.x yesterday, and the image data were included > into /srv/web/ipfire/html/redirect-templates/legacy/template.html . > > Is there anything wrong with this patch? Yes, see below... > Best regards, > Peter Müller > > > Hey, > > > > On Sat, 2018-06-30 at 09:56 +0200, Peter Müller wrote: > > > Embed the IPFire background image into the redirect template > > > directly via CSS instead of loading it from somewhere else. > > > This is necessary because of Content Security Policy (CSP) and > > > fixes #11650. > > > This patch inserts the base64 encoded image during build so > > > nothing needs to be updated twice in case background image > > > changes. > > > Signed-off-by: Peter Müller <peter.mueller@link38.eu> > > > --- > > > html/html/redirect-templates/legacy/template.html | 7 ++++++- > > > lfs/web-user-interface | 4 ++++ > > > 2 files changed, 10 insertions(+), 1 deletion(-) > > > diff --git a/html/html/redirect-templates/legacy/template.html > > > b/html/html/redirect-templates/legacy/template.html > > > index b5fb61ebe..297561e3a 100644 > > > --- a/html/html/redirect-templates/legacy/template.html > > > +++ b/html/html/redirect-templates/legacy/template.html > > > @@ -3,11 +3,16 @@ > > > <head> > > > <meta http-equiv="Content-Type" content="text/html; > > > charset=utf-8"> > > > <title>ACCESS MESSAGE</title> > > > + <style content="text/css"> > > > + td.image { > > > + background-image: > > > url(data:image/gif;base64,IMAGEDATAPLACEHOLDER); > > > + } > > > + </style> > > > </head> > > > <body> > > > <table width="100%" height='100%' border="0"> > > > <tr> > > > - <td colspan='3' width='100%' height='130' > > > align="center" background="<TMPL_VAR > > > NAME="ADDRESS">/images/background.gif"> > > > + <td colspan='3' width='100%' > > > height='152px' > > > align="center" class="image"> </td> > > > <tr> > > > <td width='10%'> > > > <td align='center' bgcolor='#CC000000' > > > width='80%'> > > > diff --git a/lfs/web-user-interface b/lfs/web-user-interface > > > index 0c5688252..b023cbd86 100644 > > > --- a/lfs/web-user-interface > > > +++ b/lfs/web-user-interface > > > @@ -50,6 +50,10 @@ md5: > > > $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) > > > @$(PREBUILD) > > > + # Add base64 encoded background image to Squid content access > > > page > > > + basedata="$( base64 $(DIR_SRC)/html/html/images/background.gif )" > > > + sed -i "s/IMAGEDATAPLACEHOLDER/${basedata}/g" > > > $(DIR_SRC)/html/html/redirect-templates/legacy/template.html This isn't a shell script. It is make in which every line invokes a new shell. Therefore the variable assignment happens in one shell and then the next line in executed in a new one which knows nothing about the previous variable assignment. You will have an empty image in the result file I think. - -Michael > > > > Did you actually test this? > > > > > + > > > # Copy all html/cgi-bin files > > > mkdir -p /srv/web/ipfire/{cgi-bin,html} > > > mkdir -p /var/updatecache/{download,metadata} > > > > -Michael > > > > -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE5/rW5l3GGe2ypktxgHnw/2+QCQcFAls4oLEACgkQgHnw/2+Q CQeJPA//TaqkNL0v9LL6IHEdI2hgHi64CjySvcDvdl3OjCw0oB5EEU5NivgI2jne Wbdlgq6GwJdZaMAUP753MQVCFznO29RSSwKxo9wlCaqMnYxmPe0f83WepWV4c7dL Fo8CplgYDdRk24wI7p68Gmexg2ZJj83IYHNTLQhqCI23WVhKtjiXQu0hRen/rreW KVoz/xqmjge2a34MhGOlbx7ZKDK0qzvpQC3ZmNgDn9BEOHHBdaxPal6b0NbyyaAu rNssQxhf5gAWGWvqCnKSf+hDgAckhpS5O6yvKp3SzlDvq2YSfVsAWSpTlAv4L/JY gGXRsd0cu9JMjLWD2gafCJ2cPHTZAYDo9Ll+NLIUi0deHTKPIsc+8XeL6U2z51qE SoWUtE0RI9Qbz80r7N/EDOVc6mIMJ1dxCQdEA2M+JDyBKyZOJRfpxG3Hf0k+JxxD N/V/u5IXxgb8CVOGQ99pPYVqI7qDVcP4eGjB49p32UxAplxg4z+d0E6JAYUjyjET uhlHUv9T/vlp8bt+GZTTyInTu/5qF5JWxeL78EIgcM868BnxI4S1Fq222P9suTy5 G9rxLK6Omf2I/YhLi9aTdjY358Qh6MUuxT0GCpr6FJFM+XnYnymsvACNM68Cji5s MNhDre+R68qb9KOcWv5kAi4lOH6sQaimzXSDalZ0QnWV1m+2ch8= =31DP -----END PGP SIGNATURE-----
Hello Michael, > Hi, > > On Sun, 2018-07-01 at 07:49 +0200, Peter Müller wrote: >> Hello Michael, > >> yes, I built IPfire 2.x yesterday, and the image data were included >> into /srv/web/ipfire/html/redirect-templates/legacy/template.html . > >> Is there anything wrong with this patch? > > Yes, see below... > >> Best regards, >> Peter Müller > >>> Hey, >>> >>> On Sat, 2018-06-30 at 09:56 +0200, Peter Müller wrote: >>>> Embed the IPFire background image into the redirect template >>>> directly via CSS instead of loading it from somewhere else. >>>> This is necessary because of Content Security Policy (CSP) and >>>> fixes #11650. >>>> This patch inserts the base64 encoded image during build so >>>> nothing needs to be updated twice in case background image >>>> changes. >>>> Signed-off-by: Peter Müller <peter.mueller@link38.eu> >>>> --- >>>> html/html/redirect-templates/legacy/template.html | 7 ++++++- >>>> lfs/web-user-interface | 4 ++++ >>>> 2 files changed, 10 insertions(+), 1 deletion(-) >>>> diff --git a/html/html/redirect-templates/legacy/template.html >>>> b/html/html/redirect-templates/legacy/template.html >>>> index b5fb61ebe..297561e3a 100644 >>>> --- a/html/html/redirect-templates/legacy/template.html >>>> +++ b/html/html/redirect-templates/legacy/template.html >>>> @@ -3,11 +3,16 @@ >>>> <head> >>>> <meta http-equiv="Content-Type" content="text/html; >>>> charset=utf-8"> >>>> <title>ACCESS MESSAGE</title> >>>> + <style content="text/css"> >>>> + td.image { >>>> + background-image: >>>> url(data:image/gif;base64,IMAGEDATAPLACEHOLDER); >>>> + } >>>> + </style> >>>> </head> >>>> <body> >>>> <table width="100%" height='100%' border="0"> >>>> <tr> >>>> - <td colspan='3' width='100%' height='130' >>>> align="center" background="<TMPL_VAR >>>> NAME="ADDRESS">/images/background.gif"> >>>> + <td colspan='3' width='100%' >>>> height='152px' >>>> align="center" class="image"> </td> >>>> <tr> >>>> <td width='10%'> >>>> <td align='center' bgcolor='#CC000000' >>>> width='80%'> >>>> diff --git a/lfs/web-user-interface b/lfs/web-user-interface >>>> index 0c5688252..b023cbd86 100644 >>>> --- a/lfs/web-user-interface >>>> +++ b/lfs/web-user-interface >>>> @@ -50,6 +50,10 @@ md5: >>>> $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >>>> @$(PREBUILD) >>>> + # Add base64 encoded background image to Squid content access >>>> page >>>> + basedata="$( base64 $(DIR_SRC)/html/html/images/background.gif )" >>>> + sed -i "s/IMAGEDATAPLACEHOLDER/${basedata}/g" >>>> $(DIR_SRC)/html/html/redirect-templates/legacy/template.html > > This isn't a shell script. It is make in which every line invokes a new shell. > Therefore the variable assignment happens in one shell and then the next line in > executed in a new one which knows nothing about the previous variable > assignment. This sounds correct. However, in case I ran "./make.sh build", there actually is some image data in the built file: ~> cat ~/devel/ipfire-2.x/build/srv/web/ipfire/html/redirect-templates/legacy/template.html | head -n 8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ACCESS MESSAGE</title> <style content="text/css"> td.image { background-image: url(data:image/gif;base64,iVBORw0KGgoAAAANSUhEUgAAAH0AAACaCAYAAACEwUcfAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAgY0hSTQAAeiYAAICEAAD6AAAAgOgAAHUwAADqYAAAOpgAABdwnLpRPAAAABh0RVh0U29mdHdhcmUAUGFpbnQuTkVUIHYzLjA39c2BcAAAqsJJREFUeF7svQV4XVeSLVyXhGZmZo6ZYmamOGa2Y8cMScx2zEwxMzMzyMwg27JlMTOzdPnWv+pIctSZdL+e93p6euZvJ+s7l3TvOWftgl27qraK/pv/5VWRauxUUg92Jo2xGmnCzWRX1IHsSqpJ7ZCH1KkqspodyJyaQNYonYrYqLLlsuXX5KMUVWG1VWcykKM2r9bOwVFdwFlL+TV2qoJaNecjC5PVZotOMqn8A4ymkJuRlPZpOVnuhJEt+5I1alJpaxFVaU3UMQ9pq5UnTakyZFfEQa3Tkp1dLgeVTq1ROai0Fkc7tcbZTsNOap0qD6lUBXUaVSEtUV6dTuXAxFaVjVPIpgkxmDgoSV8g0BZvl3j4hZ/hqCuZ/C8R/zff5n+tn/9WR6oNB0nz9CjZ+a4mpxfnKe/9I1TI8xyVDDhBZcKvUHnfa1Qy8BIV8T1DeT+eVud/dd6+0IeLeYt7XcpTJuSaQ9WYu7pG8Q/sOyY/cRyW9sJhKjA3/ZndlIRH2u4BD7TVX96nfEvukI6OkQpXL6Ce5Ui1pAmp964njcsD0p5wIcdrVynfpztUyM1FVcrribpK0DtN7eAPuiZhbvZtor44dov1dhwY5+s4McnfcbE+0GmbKdjxiDnM4ZQlzAlHp42mQOdpGX55Okd4Fq/kca9g3qVrya5nC1Jn/ebX3/7XYuC/6WymDSXNy4ukCz1KTqGnKZ8rCH53gkqHHKFKUWepWvwVqhx3i8qFulDxiNua4mE3nEsE3bAvG3TXsXbUQ6cWSc8deqW8tB+f8dphgf6N/Yr013aLU55pR0c9Un/r8YTKnrtNuceNIF2eeqRRaUidqxapa4wgzepfnXXXLpWxdz1eNJ/bpbyFPO85lw946lQv7IVjmxhX516J7o5DE7wcJib7OMxJ83NckubvuC49wGGnIdDhqDnE/jJw2xrucMsc7nDeHOm4HcTPNAbn6pzsUbDym+e6vDu3ka5Crn+T/leH1cMjpPPeSbnizlHB0LNU/MtpSPgxqhZ3huoknwNuULVoF1WFuCe6clEujpWjXXLXj3mSq13ia+fBKW8dZqa+s19tcLXfaXhvtz3jpW5+0lPtAJDeMOS+qrTHNSp04zTl2rmE7Be1IN24xqRd1chet2pOecdNKwrndtlZtOj7MwUrBrjkbRz7JleXRHf7MaleDvPTfew3GvztD5iC7c+YQuyuWELtb5pD7e4BD8zhdo+Ah5YI+zvmKLvz1ij7bZZwh6nG4DztI/0LlXv00CnPmLGk1Rb8ql0UDfPvf1l3YDLs+oUJpHu3jXL7HaWi8cepbMBpqgr1Xiv2DDVIPk+N0q9T3WQXqpF4W1Mj+pFDk7hnTl2S3zgNT3N1+Cnd1X6j/oP9UeNH3TnDe92h9Fe6RWmvNEMSnmjbxzyxrx/0wK66+x11+dvHVUUP/kZ5NixXOS39RWW/azo5Ht1Mua4dUed/cUFb2ueuXe2IVw7tkz46jE/3sl9m8Lc7YgrUXbcE2923hOgeW8J0DwEh/ZYlzO6qJUJ33hxhd8IcabfLHGG/zBTqNCo9JHeLcPdcpS4eIaeqlQhuw+8m5d+E/34HV [rest of the base64 block redacted] So I guess the result of this patch is okay, but the question is why. :-) Best regards, Peter Müller > > You will have an empty image in the result file I think. > > -Michael > >>> >>> Did you actually test this? >>> >>>> + >>>> # Copy all html/cgi-bin files >>>> mkdir -p /srv/web/ipfire/{cgi-bin,html} >>>> mkdir -p /var/updatecache/{download,metadata} >>> >>> -Michael >>>
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Sun, 2018-07-01 at 13:45 +0200, Peter Müller wrote: > Hello Michael, > > > Hi, > > > > On Sun, 2018-07-01 at 07:49 +0200, Peter Müller wrote: > > > Hello Michael, > > > yes, I built IPfire 2.x yesterday, and the image data were included > > > into /srv/web/ipfire/html/redirect-templates/legacy/template.html . > > > Is there anything wrong with this patch? > > > > Yes, see below... > > > > > Best regards, > > > Peter Müller > > > > Hey, > > > > > > > > On Sat, 2018-06-30 at 09:56 +0200, Peter Müller wrote: > > > > > Embed the IPFire background image into the redirect template > > > > > directly via CSS instead of loading it from somewhere else. > > > > > This is necessary because of Content Security Policy (CSP) and > > > > > fixes #11650. > > > > > This patch inserts the base64 encoded image during build so > > > > > nothing needs to be updated twice in case background image > > > > > changes. > > > > > Signed-off-by: Peter Müller <peter.mueller@link38.eu> > > > > > --- > > > > > html/html/redirect-templates/legacy/template.html | 7 ++++++- > > > > > lfs/web-user-interface | 4 ++++ > > > > > 2 files changed, 10 insertions(+), 1 deletion(-) > > > > > diff --git a/html/html/redirect-templates/legacy/template.html > > > > > b/html/html/redirect-templates/legacy/template.html > > > > > index b5fb61ebe..297561e3a 100644 > > > > > --- a/html/html/redirect-templates/legacy/template.html > > > > > +++ b/html/html/redirect-templates/legacy/template.html > > > > > @@ -3,11 +3,16 @@ > > > > > <head> > > > > > <meta http-equiv="Content-Type" content="text/html; > > > > > charset=utf-8"> > > > > > <title>ACCESS MESSAGE</title> > > > > > + <style content="text/css"> > > > > > + td.image { > > > > > + background-image: > > > > > url(data:image/gif;base64,IMAGEDATAPLACEHOLDER); > > > > > + } > > > > > + </style> > > > > > </head> > > > > > <body> > > > > > <table width="100%" height='100%' border="0"> > > > > > <tr> > > > > > - <td colspan='3' width='100%' > > > > > height='130' > > > > > align="center" background="<TMPL_VAR > > > > > NAME="ADDRESS">/images/background.gif"> > > > > > + <td colspan='3' width='100%' > > > > > height='152px' > > > > > align="center" class="image"> </td> > > > > > <tr> > > > > > <td width='10%'> > > > > > <td align='center' > > > > > bgcolor='#CC000000' > > > > > width='80%'> > > > > > diff --git a/lfs/web-user-interface b/lfs/web-user-interface > > > > > index 0c5688252..b023cbd86 100644 > > > > > --- a/lfs/web-user-interface > > > > > +++ b/lfs/web-user-interface > > > > > @@ -50,6 +50,10 @@ md5: > > > > > $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) > > > > > @$(PREBUILD) > > > > > + # Add base64 encoded background image to Squid content access > > > > > page > > > > > + basedata="$( base64 > > > > > $(DIR_SRC)/html/html/images/background.gif )" > > > > > + sed -i "s/IMAGEDATAPLACEHOLDER/${basedata}/g" > > > > > $(DIR_SRC)/html/html/redirect-templates/legacy/template.html > > > > This isn't a shell script. It is make in which every line invokes a new > > shell. > > Therefore the variable assignment happens in one shell and then the next > > line in > > executed in a new one which knows nothing about the previous variable > > assignment. > > This sounds correct. However, in case I ran "./make.sh build", there actually > is some image data in the built file: > > ~> cat ~/devel/ipfire-2.x/build/srv/web/ipfire/html/redirect- > templates/legacy/template.html | head -n 8 > <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> > <html> > <head> > <meta http-equiv="Content-Type" content="text/html; charset=utf- > 8"> > <title>ACCESS MESSAGE</title> > <style content="text/css"> > td.image { > background-image: > url(data:image/gif;base64,iVBORw0KGgoAAAANSUhEUgAAAH0AAACaCAYAAACEwUcfAAAAAXNS > R0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAgY0hSTQAAeiYAAICEAAD6AAAAgOgAAHUwAADqYAAAOp > gAABdwnLpRPAAAABh0RVh0U29mdHdhcmUAUGFpbnQuTkVUIHYzLjA39c2BcAAAqsJJREFUeF7svQV4 > XVeSLVyXhGZmZo6ZYmamOGa2Y8cMScx2zEwxMzMzyMwg27JlMTOzdPnWv+pIctSZdL+e93p6euZvJ+ > s7l3TvOWftgl27qraK/pv/5VWRauxUUg92Jo2xGmnCzWRX1IHsSqpJ7ZCH1KkqspodyJyaQNYonYrY > qLLlsuXX5KMUVWG1VWcykKM2r9bOwVFdwFlL+TV2qoJaNecjC5PVZotOMqn8A4ymkJuRlPZpOVnuhJ > Et+5I1alJpaxFVaU3UMQ9pq5UnTakyZFfEQa3Tkp1dLgeVTq1ROai0Fkc7tcbZTsNOap0qD6lUBXUa > VSEtUV6dTuXAxFaVjVPIpgkxmDgoSV8g0BZvl3j4hZ/hqCuZ/C8R/zff5n+tn/9WR6oNB0nz9CjZ+a > 4mpxfnKe/9I1TI8xyVDDhBZcKvUHnfa1Qy8BIV8T1DeT+eVud/dd6+0IeLeYt7XcpTJuSaQ9WYu7pG > 8Q/sOyY/cRyW9sJhKjA3/ZndlIRH2u4BD7TVX96nfEvukI6OkQpXL6Ce5Ui1pAmp964njcsD0p5wIc > drVynfpztUyM1FVcrribpK0DtN7eAPuiZhbvZtor44dov1dhwY5+s4McnfcbE+0GmbKdjxiDnM4ZQl > zAlHp42mQOdpGX55Okd4Fq/kca9g3qVrya5nC1Jn/ebX3/7XYuC/6WymDSXNy4ukCz1KTqGnKZ8rCH > 53gkqHHKFKUWepWvwVqhx3i8qFulDxiNua4mE3nEsE3bAvG3TXsXbUQ6cWSc8deqW8tB+f8dphgf6N > /Yr013aLU55pR0c9Un/r8YTKnrtNuceNIF2eeqRRaUidqxapa4wgzepfnXXXLpWxdz1eNJ/bpbyFPO > 85lw946lQv7IVjmxhX516J7o5DE7wcJib7OMxJ83NckubvuC49wGGnIdDhqDnE/jJw2xrucMsc7nDe > HOm4HcTPNAbn6pzsUbDym+e6vDu3ka5Crn+T/leH1cMjpPPeSbnizlHB0LNU/MtpSPgxqhZ3huoknw > NuULVoF1WFuCe6clEujpWjXXLXj3mSq13ia+fBKW8dZqa+s19tcLXfaXhvtz3jpW5+0lPtAJDeMOS+ > qrTHNSp04zTl2rmE7Be1IN24xqRd1chet2pOecdNKwrndtlZtOj7MwUrBrjkbRz7JleXRHf7MaleDv > PTfew3GvztD5iC7c+YQuyuWELtb5pD7e4BD8zhdo+Ah5YI+zvmKLvz1ij7bZZwh6nG4DztI/0LlXv0 > 0CnPmLGk1Rb8ql0UDfPvf1l3YDLs+oUJpHu3jXL7HaWi8cepbMBpqgr1Xiv2DDVIPk+N0q9T3WQXqp > F4W1Mj+pFDk7hnTl2S3zgNT3N1+Cnd1X6j/oP9UeNH3TnDe92h9Fe6RWmvNEMSnmjbxzyxrx/0wK66 > +x11+dvHVUUP/kZ5NixXOS39RWW/azo5Ht1Mua4dUed/cUFb2ueuXe2IVw7tkz46jE/3sl9m8Lc7Yg > rUXbcE2923hOgeW8J0DwEh/ZYlzO6qJUJ33hxhd8IcabfLHGG/zBTqNCo9JHeLcPdcpS4eIaeqlQhu > w+8m5d+E/34HV > [rest of the base64 block redacted] > > So I guess the result of this patch is okay, but the question is why. :-) That must be an old file from a non-clean build. You are also modifying the source file. And you did not escape the $ in the Makefile. - -Michael > > Best regards, > Peter Müller > > > > You will have an empty image in the result file I think. > > > > -Michael > > > > > > > > > > Did you actually test this? > > > > > > > > > + > > > > > # Copy all html/cgi-bin files > > > > > mkdir -p /srv/web/ipfire/{cgi-bin,html} > > > > > mkdir -p /var/updatecache/{download,metadata} > > > > > > > > -Michael > > > > > > -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE5/rW5l3GGe2ypktxgHnw/2+QCQcFAls7R9IACgkQgHnw/2+Q CQcgRBAAsX8YNxXaPCoKr7qoaSoHacSlabGf30KARfS3Wri1kR9twtGx1t9nO7+z 49zTG5EnVW9wqYOM7XBsOb5G2lLaiHJ7lgx9xqnh2NaHc1cRBsYDZ0w3cWdyO4RX sxLXw7Lf/Z1Qj/RSgHelNaoTRbZ+pajkgVmHPqBr1LPpDAMtrNBGyvZoGn+ybFii 6wV7w1UTIrhXGjKBQWYRWaZdqq341Z61voCabFdaWUjHEjYcfFVcada6mcDec+by N5MzLwILVlW3gumwEVDGCY29l+VCcznsiuuJ5ihRNLeMJeXFfzH81uLuWvLO9/Nt T+ag7KPXGrjxyeVJc4L60DU/DKxzAEmj5WeH914OGiTNk8PsL1EiDCZCPCVKDZKG LF5YxNpFEEZoks3NfCPXA02y2Evx1LhcAR74lBgxKKFyUmZHgk2qcDi6uuTzwAea 3TKTi4Jcaxhme5RTDgwtDnQP3KyQQaT+3H2/sFSuJoU/pcR2nbCykV3NvsZTsrtW oLzB/TPPdhDcHeiykts+crqA6U9BtPGTKSV5kFZhXc9NGO0ovk/u0VEA0f+zppep DSL7hTZFMq7CKkvo4rpacKLAArFg8/FOlFzhGMJtz4jNwmyvbvvHdpWd90wmONGy /cKUwOlz+XwaHqFxlq9dTV/q1Nh1ykuhzVY37KVLuiqEgNWsNjo= =NTto -----END PGP SIGNATURE-----
diff --git a/html/html/redirect-templates/legacy/template.html b/html/html/redirect-templates/legacy/template.html index b5fb61ebe..297561e3a 100644 --- a/html/html/redirect-templates/legacy/template.html +++ b/html/html/redirect-templates/legacy/template.html @@ -3,11 +3,16 @@ <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>ACCESS MESSAGE</title> + <style content="text/css"> + td.image { + background-image: url(data:image/gif;base64,IMAGEDATAPLACEHOLDER); + } + </style> </head> <body> <table width="100%" height='100%' border="0"> <tr> - <td colspan='3' width='100%' height='130' align="center" background="<TMPL_VAR NAME="ADDRESS">/images/background.gif"> + <td colspan='3' width='100%' height='152px' align="center" class="image"> </td> <tr> <td width='10%'> <td align='center' bgcolor='#CC000000' width='80%'> diff --git a/lfs/web-user-interface b/lfs/web-user-interface index 0c5688252..b023cbd86 100644 --- a/lfs/web-user-interface +++ b/lfs/web-user-interface @@ -50,6 +50,10 @@ md5: $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) + # Add base64 encoded background image to Squid content access page + basedata="$( base64 $(DIR_SRC)/html/html/images/background.gif )" + sed -i "s/IMAGEDATAPLACEHOLDER/${basedata}/g" $(DIR_SRC)/html/html/redirect-templates/legacy/template.html + # Copy all html/cgi-bin files mkdir -p /srv/web/ipfire/{cgi-bin,html} mkdir -p /var/updatecache/{download,metadata}