Added options to disable custom code in themes
This commit is contained in:
parent
9f8b865a35
commit
25afd8f074
4
.env
4
.env
|
@ -81,3 +81,7 @@ CUSTOM_META_TAGS=false
|
||||||
#=FORCE_HTTPS either true or false. Used to redirect any request to HTTPS.
|
#=FORCE_HTTPS either true or false. Used to redirect any request to HTTPS.
|
||||||
#=Note that this will only affect port 443 if you are using the docker image.
|
#=Note that this will only affect port 443 if you are using the docker image.
|
||||||
FORCE_HTTPS=false
|
FORCE_HTTPS=false
|
||||||
|
|
||||||
|
#=Defines wether or not themes are allowed to inject custom code.
|
||||||
|
#=Themes V2 can now implement fully custom code which you might want to disable for security reasons.
|
||||||
|
ALLOW_CUSTOM_CODE_IN_THEMES=true
|
|
@ -13,6 +13,9 @@
|
||||||
if(EnvEditor::keyExists('MAINTENANCE_MODE')){ /* Do nothing if key already exists */
|
if(EnvEditor::keyExists('MAINTENANCE_MODE')){ /* Do nothing if key already exists */
|
||||||
} else {EnvEditor::addKey('MAINTENANCE_MODE', 'false');}
|
} else {EnvEditor::addKey('MAINTENANCE_MODE', 'false');}
|
||||||
|
|
||||||
|
if(EnvEditor::keyExists('ALLOW_CUSTOM_CODE_IN_THEMES')){ /* Do nothing if key already exists */
|
||||||
|
} else {EnvEditor::addKey('ALLOW_CUSTOM_CODE_IN_THEMES', 'true');}
|
||||||
|
|
||||||
if (!config()->has('advanced-config.expand_panel_admin_menu_permanently') and !config()->has('disable_default_password_notice')) {
|
if (!config()->has('advanced-config.expand_panel_admin_menu_permanently') and !config()->has('disable_default_password_notice')) {
|
||||||
|
|
||||||
function getStringBetween($string, $start, $end) {
|
function getStringBetween($string, $start, $end) {
|
||||||
|
|
|
@ -23,7 +23,7 @@ $path = url('themes/' . $GLOBALS['themeName'] . '/extra/custom-assets/' . $path)
|
||||||
return $path;}
|
return $path;}
|
||||||
?>
|
?>
|
||||||
|
|
||||||
@if(theme('enable_custom_code') == "true" and theme('enable_custom_head') == "true")@include($GLOBALS['themeName'] . '.extra.custom-head')@endif
|
@if(theme('enable_custom_code') == "true" and theme('enable_custom_head') == "true" and env('ALLOW_CUSTOM_CODE_IN_THEMES') == 'true')@include($GLOBALS['themeName'] . '.extra.custom-head')@endif
|
||||||
|
|
||||||
@include('layouts.analytics')
|
@include('layouts.analytics')
|
||||||
|
|
||||||
|
@ -91,7 +91,7 @@ return $path;}
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
|
|
||||||
@if(theme('enable_custom_code') == "true" and theme('enable_custom_body') == "true")@include($GLOBALS['themeName'] . '.extra.custom-body')@endif
|
@if(theme('enable_custom_code') == "true" and theme('enable_custom_body') == "true" and env('ALLOW_CUSTOM_CODE_IN_THEMES') == 'true')@include($GLOBALS['themeName'] . '.extra.custom-body')@endif
|
||||||
|
|
||||||
@if(config('advanced-config.home_theme') != '' and config('advanced-config.home_theme') != 'default')
|
@if(config('advanced-config.home_theme') != '' and config('advanced-config.home_theme') != 'default')
|
||||||
<!-- Enables parallax background animations -->
|
<!-- Enables parallax background animations -->
|
||||||
|
@ -234,6 +234,6 @@ foreach($pages as $page)
|
||||||
</div>
|
</div>
|
||||||
</body>
|
</body>
|
||||||
|
|
||||||
@if(theme('enable_custom_code') == "true" and theme('enable_custom_body_end') == "true")@include($GLOBALS['themeName'] . '.extra.custom-body-end')@endif
|
@if(theme('enable_custom_code') == "true" and theme('enable_custom_body_end') == "true" and env('ALLOW_CUSTOM_CODE_IN_THEMES') == 'true')@include($GLOBALS['themeName'] . '.extra.custom-body-end')@endif
|
||||||
|
|
||||||
</html>
|
</html>
|
||||||
|
|
|
@ -23,7 +23,7 @@ $path = url('themes/' . $GLOBALS['themeName'] . '/extra/custom-assets/' . $path)
|
||||||
return $path;}
|
return $path;}
|
||||||
?>
|
?>
|
||||||
|
|
||||||
@if(theme('enable_custom_code') == "true" and theme('enable_custom_head') == "true")@include($GLOBALS['themeName'] . '.extra.custom-head')@endif
|
@if(theme('enable_custom_code') == "true" and theme('enable_custom_head') == "true" and env('ALLOW_CUSTOM_CODE_IN_THEMES') == 'true')@include($GLOBALS['themeName'] . '.extra.custom-head')@endif
|
||||||
|
|
||||||
@include('layouts.analytics')
|
@include('layouts.analytics')
|
||||||
|
|
||||||
|
@ -124,7 +124,7 @@ return $path;}
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
|
|
||||||
@if(theme('enable_custom_code') == "true" and theme('enable_custom_body') == "true")@include($GLOBALS['themeName'] . '.extra.custom-body')@endif
|
@if(theme('enable_custom_code') == "true" and theme('enable_custom_body') == "true" and env('ALLOW_CUSTOM_CODE_IN_THEMES') == 'true')@include($GLOBALS['themeName'] . '.extra.custom-body')@endif
|
||||||
|
|
||||||
@if($info->theme != '' and $info->theme != 'default')
|
@if($info->theme != '' and $info->theme != 'default')
|
||||||
<!-- Enables parallax background animations -->
|
<!-- Enables parallax background animations -->
|
||||||
|
@ -294,7 +294,7 @@ function get_operating_system() {
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
@if(theme('enable_custom_code') == "true" and theme('enable_custom_body_end') == "true")@include($GLOBALS['themeName'] . '.extra.custom-body-end')@endif
|
@if(theme('enable_custom_code') == "true" and theme('enable_custom_body_end') == "true" and env('ALLOW_CUSTOM_CODE_IN_THEMES') == 'true')@include($GLOBALS['themeName'] . '.extra.custom-body-end')@endif
|
||||||
|
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
|
|
@ -81,3 +81,7 @@ CUSTOM_META_TAGS=false
|
||||||
#=FORCE_HTTPS either true or false. Used to redirect any request to HTTPS.
|
#=FORCE_HTTPS either true or false. Used to redirect any request to HTTPS.
|
||||||
#=Note that this will only affect port 443 if you are using the docker image.
|
#=Note that this will only affect port 443 if you are using the docker image.
|
||||||
FORCE_HTTPS=false
|
FORCE_HTTPS=false
|
||||||
|
|
||||||
|
#=Defines wether or not themes are allowed to inject custom code.
|
||||||
|
#=Themes V2 can now implement fully custom code which you might want to disable for security reasons.
|
||||||
|
ALLOW_CUSTOM_CODE_IN_THEMES=true
|
Loading…
Reference in New Issue