add xframe setting

Luke Pulverenti 2015-06-13 00:14:48 -04:00
parent b04ee97822
commit 5eb0006588
8 changed files with 91 additions and 12 deletions


@ -208,6 +208,8 @@ namespace MediaBrowser.Model.Configuration
public bool EnableVideoArchiveFiles { get; set; } public bool EnableVideoArchiveFiles { get; set; }
public int RemoteClientBitrateLimit { get; set; } public int RemoteClientBitrateLimit { get; set; }
public bool DenyIFrameEmbedding { get; set; }
/// <summary> /// <summary>
/// Initializes a new instance of the <see cref="ServerConfiguration" /> class. /// Initializes a new instance of the <see cref="ServerConfiguration" /> class.
/// </summary> /// </summary>
@ -224,6 +226,7 @@ namespace MediaBrowser.Model.Configuration
EnableDashboardResourceMinification = true; EnableDashboardResourceMinification = true;
EnableAutomaticRestart = true; EnableAutomaticRestart = true;
DenyIFrameEmbedding = true;
EnableUPnP = true; EnableUPnP = true;
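Review bot: `DenyIFrameEmbedding` is added to `ServerConfiguration` with no doc comment, although the other sections of this commit show it gating the `X-Frame-Options: DENY` response header. I would document it on the property, for example `/// <summary>When true, responses carry X-Frame-Options: DENY so other pages cannot frame the web UI; setting it to false removes that clickjacking protection.</summary>`. The constructor default of `true` keeps the header on for a fresh configuration. How an already-saved configuration file that lacks this element is loaded is not visible here and is worth confirming. Both the class and the constructor continue outside these hunks.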


@ -1,6 +1,7 @@
using Funq; using Funq;
using MediaBrowser.Common; using MediaBrowser.Common;
using MediaBrowser.Common.Extensions; using MediaBrowser.Common.Extensions;
using MediaBrowser.Controller.Configuration;
using MediaBrowser.Controller.Net; using MediaBrowser.Controller.Net;
using MediaBrowser.Model.Logging; using MediaBrowser.Model.Logging;
using MediaBrowser.Server.Implementations.HttpServer.SocketSharp; using MediaBrowser.Server.Implementations.HttpServer.SocketSharp;
@ -43,6 +44,8 @@ namespace MediaBrowser.Server.Implementations.HttpServer
public string CertificatePath { get; private set; } public string CertificatePath { get; private set; }
private readonly IServerConfigurationManager _config;
/// <summary> /// <summary>
/// Gets the local end points. /// Gets the local end points.
/// </summary> /// </summary>
@ -63,12 +66,13 @@ namespace MediaBrowser.Server.Implementations.HttpServer
public HttpListenerHost(IApplicationHost applicationHost, public HttpListenerHost(IApplicationHost applicationHost,
ILogManager logManager, ILogManager logManager,
IServerConfigurationManager config,
string serviceName, string serviceName,
string defaultRedirectPath, string defaultRedirectPath, params Assembly[] assembliesWithServices)
params Assembly[] assembliesWithServices)
: base(serviceName, assembliesWithServices) : base(serviceName, assembliesWithServices)
{ {
DefaultRedirectPath = defaultRedirectPath; DefaultRedirectPath = defaultRedirectPath;
_config = config;
_logger = logManager.GetLogger("HttpServer"); _logger = logManager.GetLogger("HttpServer");
@ -115,7 +119,7 @@ namespace MediaBrowser.Server.Implementations.HttpServer
} }
}); });
HostContext.GlobalResponseFilters.Add(new ResponseFilter(_logger).FilterResponse); HostContext.GlobalResponseFilters.Add(new ResponseFilter(_logger, () => _config.Configuration.DenyIFrameEmbedding).FilterResponse);
} }
public override void OnAfterInit() public override void OnAfterInit()
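Review bot: The constructor stores `config` in `_config` without a null check, yet the response filter registered further down dereferences `_config.Configuration` on every response. A null argument would therefore surface as a per-request failure rather than at startup. A guard before the assignment, such as `if (config == null) throw new ArgumentNullException("config");`, would fail fast. Passing `() => _config.Configuration.DenyIFrameEmbedding` as a delegate instead of a captured value looks deliberate and is worth a one-line comment, e.g. `// Evaluated per response so a configuration change takes effect without a restart`. The constructor and the method containing the filter registration both continue outside the hunks.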


@ -12,10 +12,12 @@ namespace MediaBrowser.Server.Implementations.HttpServer
{ {
private static readonly CultureInfo UsCulture = new CultureInfo("en-US"); private static readonly CultureInfo UsCulture = new CultureInfo("en-US");
private readonly ILogger _logger; private readonly ILogger _logger;
private readonly Func<bool> _denyIframeEmbedding;
public ResponseFilter(ILogger logger) public ResponseFilter(ILogger logger, Func<bool> denyIframeEmbedding)
{ {
_logger = logger; _logger = logger;
_denyIframeEmbedding = denyIframeEmbedding;
} }
/// <summary> /// <summary>
@ -28,7 +30,11 @@ namespace MediaBrowser.Server.Implementations.HttpServer
{ {
// Try to prevent compatibility view // Try to prevent compatibility view
res.AddHeader("X-UA-Compatible", "IE=Edge"); res.AddHeader("X-UA-Compatible", "IE=Edge");
if (_denyIframeEmbedding())
{
res.AddHeader("X-Frame-Options", "DENY"); res.AddHeader("X-Frame-Options", "DENY");
}
var exception = dto as Exception; var exception = dto as Exception;
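Review bot: With the new `if (_denyIframeEmbedding())` guard, switching the setting off removes framing protection from every response this filter handles, and nothing narrower replaces it. If the aim is to let specific hosts embed the UI, a configured origin allowlist sent as `Content-Security-Policy: frame-ancestors <allowed origins>` would keep clickjacking protection for everyone else; whether that fits the intended use is not clear from this commit. At minimum the branch deserves a comment such as `// Clickjacking defence: omitted only when the administrator has explicitly allowed framing`. The constructor also accepts `denyIframeEmbedding` without a null check, so a null delegate would throw on the first response rather than at construction. The filter method's body continues outside the hunk.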


@ -1,4 +1,5 @@
using MediaBrowser.Common; using MediaBrowser.Common;
using MediaBrowser.Controller.Configuration;
using MediaBrowser.Controller.Net; using MediaBrowser.Controller.Net;
using MediaBrowser.Model.Logging; using MediaBrowser.Model.Logging;
using ServiceStack.Logging; using ServiceStack.Logging;
@ -15,17 +16,19 @@ namespace MediaBrowser.Server.Implementations.HttpServer
/// </summary> /// </summary>
/// <param name="applicationHost">The application host.</param> /// <param name="applicationHost">The application host.</param>
/// <param name="logManager">The log manager.</param> /// <param name="logManager">The log manager.</param>
/// <param name="config">The configuration.</param>
/// <param name="serverName">Name of the server.</param> /// <param name="serverName">Name of the server.</param>
/// <param name="defaultRedirectpath">The default redirectpath.</param> /// <param name="defaultRedirectpath">The default redirectpath.</param>
/// <returns>IHttpServer.</returns> /// <returns>IHttpServer.</returns>
public static IHttpServer CreateServer(IApplicationHost applicationHost, public static IHttpServer CreateServer(IApplicationHost applicationHost,
ILogManager logManager, ILogManager logManager,
IServerConfigurationManager config,
string serverName, string serverName,
string defaultRedirectpath) string defaultRedirectpath)
{ {
LogManager.LogFactory = new ServerLogFactory(logManager); LogManager.LogFactory = new ServerLogFactory(logManager);
return new HttpListenerHost(applicationHost, logManager, serverName, defaultRedirectpath); return new HttpListenerHost(applicationHost, logManager, config, serverName, defaultRedirectpath);
} }
} }
} }


@ -431,7 +431,7 @@ namespace MediaBrowser.Server.Startup.Common
RegisterSingleInstance<ISearchEngine>(() => new SearchEngine(LogManager, LibraryManager, UserManager)); RegisterSingleInstance<ISearchEngine>(() => new SearchEngine(LogManager, LibraryManager, UserManager));
HttpServer = ServerFactory.CreateServer(this, LogManager, "Emby", "web/index.html"); HttpServer = ServerFactory.CreateServer(this, LogManager, ServerConfigurationManager, "Emby", "web/index.html");
RegisterSingleInstance(HttpServer, false); RegisterSingleInstance(HttpServer, false);
progress.Report(10); progress.Report(10);


@ -1,4 +1,5 @@
using MediaBrowser.Common.Extensions; using System.Text;
using MediaBrowser.Common.Extensions;
using MediaBrowser.Common.IO; using MediaBrowser.Common.IO;
using MediaBrowser.Controller; using MediaBrowser.Controller;
using MediaBrowser.Controller.Configuration; using MediaBrowser.Controller.Configuration;
@ -16,6 +17,7 @@ using System.Collections.Generic;
using System.IO; using System.IO;
using System.Linq; using System.Linq;
using System.Threading.Tasks; using System.Threading.Tasks;
using WebMarkupMin.Core.Minifiers;
namespace MediaBrowser.WebDashboard.Api namespace MediaBrowser.WebDashboard.Api
{ {
@ -308,6 +310,11 @@ namespace MediaBrowser.WebDashboard.Api
File.Delete(Path.Combine(path, "thirdparty", "jquerymobile-1.4.5", "jquery.mobile-1.4.5.min.map")); File.Delete(Path.Combine(path, "thirdparty", "jquerymobile-1.4.5", "jquery.mobile-1.4.5.min.map"));
} }
MinifyCssDirectory(Path.Combine(path, "css"));
MinifyJsDirectory(Path.Combine(path, "scripts"));
MinifyJsDirectory(Path.Combine(path, "thirdparty", "apiclient"));
MinifyJsDirectory(Path.Combine(path, "voice"));
await DumpHtml(creator.DashboardUIPath, path, mode, culture, appVersion); await DumpHtml(creator.DashboardUIPath, path, mode, culture, appVersion);
await DumpJs(creator.DashboardUIPath, path, mode, culture, appVersion); await DumpJs(creator.DashboardUIPath, path, mode, culture, appVersion);
@ -317,6 +324,60 @@ namespace MediaBrowser.WebDashboard.Api
return ""; return "";
} }
private void MinifyCssDirectory(string path)
{
foreach (var file in Directory.GetFiles(path, "*.css", SearchOption.AllDirectories))
{
try
{
var text = File.ReadAllText(file, Encoding.UTF8);
var result = new KristensenCssMinifier().Minify(text, false, Encoding.UTF8);
if (result.Errors.Count > 0)
{
Logger.Error("Error minifying css: " + result.Errors[0].Message);
}
else
{
text = result.MinifiedContent;
File.WriteAllText(file, text, Encoding.UTF8);
}
}
catch (Exception ex)
{
Logger.ErrorException("Error minifying css", ex);
}
}
}
private void MinifyJsDirectory(string path)
{
foreach (var file in Directory.GetFiles(path, "*.js", SearchOption.AllDirectories))
{
try
{
var text = File.ReadAllText(file, Encoding.UTF8);
var result = new CrockfordJsMinifier().Minify(text, false, Encoding.UTF8);
if (result.Errors.Count > 0)
{
Logger.Error("Error minifying javascript: " + result.Errors[0].Message);
}
else
{
text = result.MinifiedContent;
File.WriteAllText(file, text, Encoding.UTF8);
}
}
catch (Exception ex)
{
Logger.ErrorException("Error minifying css", ex);
}
}
}
private async Task DumpHtml(string source, string destination, string mode, string culture, string appVersion) private async Task DumpHtml(string source, string destination, string mode, string culture, string appVersion)
{ {
foreach (var file in Directory.GetFiles(source, "*.html", SearchOption.TopDirectoryOnly)) foreach (var file in Directory.GetFiles(source, "*.html", SearchOption.TopDirectoryOnly))
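Review bot: The `catch` block in `MinifyJsDirectory` logs `"Error minifying css"`, apparently copied from `MinifyCssDirectory`, so a JavaScript failure will be misreported in the log. Neither method's error path names the file that failed, which makes a bad asset hard to trace; I would use `Logger.ErrorException("Error minifying javascript: " + file, ex);` and add `file` to the `result.Errors` messages as well. The two methods differ only in the glob and the minifier type, so a shared private helper would prevent this kind of drift. Both rewrite the packaged files in place, and the added `using System.Text;` sits above the project usings rather than with the other `System.*` lines. The enclosing method of the four new `Minify*Directory` calls and `DumpHtml` both continue outside the hunks.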


@ -548,7 +548,6 @@ namespace MediaBrowser.WebDashboard.Api
"nowplayingbar.js", "nowplayingbar.js",
"alphapicker.js", "alphapicker.js",
"directorybrowser.js", "directorybrowser.js",
"indexpage.js",
"moviecollections.js", "moviecollections.js",
"notifications.js", "notifications.js",
"remotecontrol.js", "remotecontrol.js",


@ -120,6 +120,9 @@
<Content Include="dashboard-ui\scripts\htmlmediarenderer.js"> <Content Include="dashboard-ui\scripts\htmlmediarenderer.js">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory> <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</Content> </Content>
<Content Include="dashboard-ui\scripts\sections.js">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</Content>
<Content Include="dashboard-ui\thirdparty\apiclient\localassetmanager.js"> <Content Include="dashboard-ui\thirdparty\apiclient\localassetmanager.js">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory> <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</Content> </Content>