Add CSP support
parent
24124ed94b
commit
dfb89cacdc
|
@ -22,6 +22,7 @@ THIRD_PARTY_APPS = (
|
|||
'allauth.account',
|
||||
'compressor',
|
||||
'djangobower',
|
||||
'csp',
|
||||
)
|
||||
LOCAL_APPS = (
|
||||
'network.users',
|
||||
|
@ -42,6 +43,7 @@ MIDDLEWARE_CLASSES = (
|
|||
'django.contrib.messages.middleware.MessageMiddleware',
|
||||
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
||||
'django.middleware.security.SecurityMiddleware',
|
||||
'csp.middleware.CSPMiddleware',
|
||||
)
|
||||
|
||||
# Email
|
||||
|
@ -202,6 +204,21 @@ REST_FRAMEWORK = {
|
|||
|
||||
# Security
|
||||
SECRET_KEY = getenv('SECRET_KEY', 'changeme')
|
||||
CSP_DEFAULT_SRC = (
|
||||
"'self'",
|
||||
'https://*.mapbox.com',
|
||||
)
|
||||
CSP_SCRIPT_SRC = (
|
||||
"'self'",
|
||||
'https://*.google-analytics.com',
|
||||
)
|
||||
CSP_IMG_SRC = (
|
||||
"'self'",
|
||||
'https://*.gravatar.com',
|
||||
'https://*.mapbox.com',
|
||||
'https://*.satnogs.org',
|
||||
)
|
||||
|
||||
|
||||
# Database
|
||||
DATABASE_URL = getenv('DATABASE_URL', 'sqlite:///db.sqlite3')
|
||||
|
|
|
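Review bot: `CSP_DEFAULT_SRC` carries `https://*.mapbox.com`, so every fetch directive the policy does not set explicitly (object-src, frame-src, connect-src, style-src, font-src and so on) inherits a wildcard third-party host. Keeping the fallback at `CSP_DEFAULT_SRC = ("'self'",)` and listing Mapbox only under the directives that need it (for example `CSP_CONNECT_SRC`, next to the existing `CSP_IMG_SRC` entry) would be tighter; which directives the map actually uses is not visible in this diff. `CSP_SCRIPT_SRC` replaces the fallback for scripts rather than adding to it, so a script served from a Mapbox host would be blocked, and so would an inline analytics snippet if the templates still contain one. Setting `CSP_REPORT_URI`, or rolling out with `CSP_REPORT_ONLY = True` first, would surface such violations instead of leaving them as silent breakage.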
@ -0,0 +1,7 @@
|
|||
$(document).ready(function() {
|
||||
'use strict';
|
||||
|
||||
// Add current copyright year
|
||||
var current_year = '-' + new Date().getFullYear();
|
||||
$('#copy').text(current_year);
|
||||
});
|
|
@ -3,6 +3,12 @@
|
|||
$(document).ready(function() {
|
||||
'use strict';
|
||||
|
||||
// Render Station success rate
|
||||
var success_rate = $('.progress-bar-success').data('success-rate');
|
||||
var percentagerest = $('.progress-bar-danger').data('percentagerest');
|
||||
$('.progress-bar-success').css('width', success_rate + '%');
|
||||
$('.progress-bar-danger').css('width', percentagerest + '%');
|
||||
|
||||
var mapboxid = $('div#map').data('mapboxid');
|
||||
var mapboxtoken = $('div#map').data('mapboxtoken');
|
||||
var stations = $('div#map').data('stations');
|
||||
|
|
|
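Review bot: `.data('success-rate')` returns the value of the first matched element only, while `.css('width', ...)` writes to every match, so a page that renders more than one progress bar would give all of them the first bar's width. Iterating keeps each bar tied to its own attribute: `$('.progress-bar-success').each(function() { $(this).css('width', $(this).data('success-rate') + '%'); });`, and likewise for `.progress-bar-danger`. The same four lines are added to the next script as well; since this commit introduces a site-wide `js/app.js`, they could live there once, with a comment such as `// Widths come from data-* attributes because the CSP blocks inline style attributes`. The ready callback continues beyond this hunk.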
@ -3,9 +3,26 @@
|
|||
$(document).ready(function() {
|
||||
'use strict';
|
||||
|
||||
// Render Station success rate
|
||||
var success_rate = $('.progress-bar-success').data('success-rate');
|
||||
var percentagerest = $('.progress-bar-danger').data('percentagerest');
|
||||
$('.progress-bar-success').css('width', success_rate + '%');
|
||||
$('.progress-bar-danger').css('width', percentagerest + '%');
|
||||
|
||||
// Reading data for station
|
||||
var station_info = $('#station-info').data();
|
||||
|
||||
// Confirm station deletion
|
||||
var message = 'Do you really want to delete this Ground Station?';
|
||||
var actions = $('#station-delete');
|
||||
if (actions.length) {
|
||||
actions[0].addEventListener('click', function(e) {
|
||||
if (! confirm(message)) {
|
||||
e.preventDefault();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
// Init the map
|
||||
var mapboxid = $('div#map-station').data('mapboxid');
|
||||
var mapboxtoken = $('div#map-station').data('mapboxtoken');
|
||||
|
|
|
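Review bot: The confirmation handler mixes a jQuery lookup with raw DOM calls (`actions[0].addEventListener`), which is why it needs the `actions.length` guard; `$('#station-delete').on('click', function(e) { if (!confirm(message)) { e.preventDefault(); } });` does the same and is a no-op when the element is absent. The dialog is only a client-side convenience: the markup for `#station-delete` is not in this diff, so it is worth confirming that the delete view itself requires a POST with a CSRF token rather than relying on this prompt. `station_info` is read with `.data()` but its use lies outside the hunk, and the ready callback continues past the last visible line.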
@ -103,7 +103,7 @@
|
|||
<hr>
|
||||
<div class="row">
|
||||
<div class="col-md-6">
|
||||
<span class="glyphicon glyphicon-copyright-mark" aria-hidden="true"></span> 2014<script>document.write("-"+new Date().getFullYear());</script>
|
||||
<span class="glyphicon glyphicon-copyright-mark" aria-hidden="true"></span> 2014<span id="copy"></span>
|
||||
<a href="http://librespacefoundation.org/" target="_blank">Libre Space Foundation</a>.<br>
|
||||
<span class="glyphicon glyphicon-cloud" aria-hidden="true"></span>
|
||||
Observation data are freely distributed under the
|
||||
|
@ -120,6 +120,7 @@
|
|||
{% compress js %}
|
||||
<script src="{% static 'lib/jquery/jquery.min.js' %}"></script>
|
||||
<script src="{% static 'lib/bootstrap/dist/js/bootstrap.min.js' %}"></script>
|
||||
<script src="{% static 'js/app.js' %}"></script>
|
||||
{% block javascript %}
|
||||
{% endblock javascript %}
|
||||
{% endcompress %}
|
||||
|
|
|
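Review bot: The year suffix in the footer now depends on `js/app.js` running, so with scripts disabled or blocked the line reads just "2014". The template can render the year itself, `2014-{% now "Y" %}` in place of `2014<span id="copy"></span>`, which satisfies the CSP without any script and would make the new handler in `app.js` unnecessary. Separately, the unchanged `target="_blank"` link on the following line has no `rel="noopener"`; that is outside this commit's change but cheap to add while the footer is being edited.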
@ -38,7 +38,7 @@
|
|||
</div>
|
||||
<div class="panel-body">
|
||||
<div class="text-center">
|
||||
<img src="{{ MEDIA_URL }}{{ featured_station.image }}"
|
||||
<img src="{{ featured_station.get_image }}"
|
||||
class="img-gs-front"
|
||||
alt="{{ featured_station.name }}"
|
||||
title="{{ featured_station.name }}">
|
||||
|
@ -77,10 +77,10 @@
|
|||
<span class="label label-info">Success Rate</span>
|
||||
<span class="gs-front-data">
|
||||
<div class="progress" title="{{ featured_station.success_rate }}%">
|
||||
<div class="progress-bar progress-bar-success" style="width: {{ featured_station.success_rate }}%">
|
||||
<div class="progress-bar progress-bar-success" data-success-rate="{{ featured_station.success_rate }}">
|
||||
<span class="sr-only">{{ featured_station.success_rate }}% Complete (success)</span>
|
||||
</div>
|
||||
<div class="progress-bar progress-bar-danger" style="width: {{ featured_station.success_rate|percentagerest }}%">
|
||||
<div class="progress-bar progress-bar-danger" data-percentagerest="{{ featured_station.success_rate|percentagerest }}">
|
||||
<span class="sr-only">{{ featured_station.success_rate|percentagerest }}% Complete (danger)</span>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
@ -97,10 +97,10 @@
|
|||
<span class="label label-default">Success Rate</span>
|
||||
<span class="gs-front-data">
|
||||
<div class="progress" title="{{ station.success_rate }}%">
|
||||
<div class="progress-bar progress-bar-success" style="width: {{ station.success_rate }}%">
|
||||
<div class="progress-bar progress-bar-success" data-success-rate="{{ station.success_rate }}">
|
||||
<span class="sr-only">{{ station.success_rate }}% Complete (success)</span>
|
||||
</div>
|
||||
<div class="progress-bar progress-bar-danger" style="width: {{ station.success_rate|percentagerest }}%">
|
||||
<div class="progress-bar progress-bar-danger" data-percentagerest="{{ station.success_rate|percentagerest }}">
|
||||
<span class="sr-only">{{ station.success_rate|percentagerest }}% Complete (danger)</span>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -214,18 +214,4 @@
|
|||
<script src="{% static 'js/station_view.js' %}"></script>
|
||||
<script src="{% static 'js/gridsquare.js' %}"></script>
|
||||
<script src="{% static 'js/satellite.js' %}"></script>
|
||||
|
||||
<script type="text/javascript">
|
||||
(function() {
|
||||
var message = "Do you really want to delete this Ground Station?";
|
||||
var actions = $('#station-delete');
|
||||
if (actions.length) {
|
||||
actions[0].addEventListener("click", function(e) {
|
||||
if (! confirm(message)) {
|
||||
e.preventDefault();
|
||||
}
|
||||
});
|
||||
}
|
||||
})();
|
||||
</script>
|
||||
{% endblock javascript %}
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
# Basic stuff
|
||||
# Basic
|
||||
django==1.10.5
|
||||
django-shortuuidfield==0.1.3
|
||||
django_compressor==2.1.1
|
||||
django-bower==5.2.0
|
||||
|
||||
# Configuration
|
||||
unicode-slugify==0.1.3
|
||||
|
@ -13,9 +11,12 @@ opbeat==3.5.2
|
|||
|
||||
# Security
|
||||
django-braces==1.11.0
|
||||
django-csp==3.2
|
||||
|
||||
# Images
|
||||
Pillow==4.0.0
|
||||
django_compressor==2.1.1
|
||||
django-bower==5.2.0
|
||||
|
||||
# Users
|
||||
django-allauth==0.30.0
|
||||
|
|