allerta-vvf
/
allerta-vvf
mirror of https://github.com/allerta-vvf/allerta-vvf
1
0
Fork 0
Code Issues Releases Wiki Activity

fixes for flutter client

This commit is contained in:
Matteo Gheza 2021-04-03 17:47:34 +02:00
parent c3bf127c46
commit 6600361315
3 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
server/core.php
View File

@ -353,7 +353,8 @@ class user
$this->database = $database;
$this->tools = $tools;
$this->auth = new \Delight\Auth\Auth($database->connection, $tools->get_ip(), DB_PREFIX."_", false);
if(isset($_REQUEST["apiKey"])){
\header_remove('X-Frame-Options');
if(isset($_REQUEST["apiKey"]) && !is_null($_REQUEST["apiKey"])){
$api_key_row = $this->database->exec("SELECT * FROM `%PREFIX%_api_keys` WHERE apikey = :apikey;", true, [":apikey" => $_REQUEST["apiKey"]]);
if(!empty($api_key_row)){
$user = $this->database->exec("SELECT * FROM `%PREFIX%_profiles` WHERE id = :id;", true, [":id" => $api_key_row[0]["user"]]);
@ -834,7 +835,6 @@ function init_class($enableDebugger=true, $headers=true)
header("X-Content-Security-Policy: $csp");
header("X-WebKit-CSP: $csp");
header("X-XSS-Protection: 1; mode=block");
header("X-Frame-Options: DENY");
header("X-Content-Type-Options: nosniff");
header("Feature-Policy: autoplay 'none'; camera 'none'; microphone 'none'; payment 'none'");
}

4
server/templates/base.html
View File

@ -91,6 +91,7 @@
{% if enable_debug_bar %}{{ debug_bar_head|raw }}{% endif %}
</head>
<body>
{% if show_menu %}
{% block menu %}
<!-- Menu -->
<div class="topnav" id="topNavBar">
@ -107,6 +108,7 @@
</div>
<!-- /Menu -->
{% endblock %}
{% endif %}
<div class="alert alert-danger m-3" id="offline_alert" style="display: none" role="alert">
<b>{{ 'You are offline'|t }}.</b> {{ 'Last update'|t }}: <p style="display: inline" id="offline_update"></p>
</div>
@ -119,6 +121,7 @@
</div>
<!-- /Content -->
{% if enable_debug_bar %}{{ debug_bar|raw }}{% endif %}
{% if show_footer %}
{% block footer %}
<!-- Footer -->
<div class="text-center p-3" style="background-color: rgba(0, 0, 0, 0.2);">
@ -127,5 +130,6 @@
</div>
<!-- /Footer -->
{% endblock %}
{% endif %}
</body>
</html>

3
server/ui.php
View File

@ -77,6 +77,8 @@ function loadtemplate($templatename, $data, $requirelogin=true)
$data['enable_technical_support'] = $database->get_option("enable_technical_support");
$data['technical_support_key'] = $database->get_option("technical_support_key");
$data['technical_support_open'] = isset($_COOKIE["chat"]);
$data['show_menu'] = !isset($_REQUEST["hide_menu"]);
$data['show_footer'] = !isset($_REQUEST["hide_footer"]);
if($database->get_option("use_custom_error_sound")) {
$data['error_sound'] = "custom-error.mp3";
} else {
@ -87,6 +89,7 @@ function loadtemplate($templatename, $data, $requirelogin=true)
} else {
$data['error_image'] = "error.gif";
}
\header_remove('X-Frame-Options');
$template = $twig->load($templatename);
if(isset($_SERVER["HTTP_X_PJAX"]) || isset($_GET["X_PJAX"]) || isset($_GET["_PJAX"])) {
$data["pjax_requested"] = true;