add xframe setting
This commit is contained in:
parent
b04ee97822
commit
5eb0006588
|
@ -208,6 +208,8 @@ namespace MediaBrowser.Model.Configuration
|
||||||
public bool EnableVideoArchiveFiles { get; set; }
|
public bool EnableVideoArchiveFiles { get; set; }
|
||||||
public int RemoteClientBitrateLimit { get; set; }
|
public int RemoteClientBitrateLimit { get; set; }
|
||||||
|
|
||||||
|
public bool DenyIFrameEmbedding { get; set; }
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Initializes a new instance of the <see cref="ServerConfiguration" /> class.
|
/// Initializes a new instance of the <see cref="ServerConfiguration" /> class.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
|
@ -224,6 +226,7 @@ namespace MediaBrowser.Model.Configuration
|
||||||
EnableDashboardResourceMinification = true;
|
EnableDashboardResourceMinification = true;
|
||||||
|
|
||||||
EnableAutomaticRestart = true;
|
EnableAutomaticRestart = true;
|
||||||
|
DenyIFrameEmbedding = true;
|
||||||
|
|
||||||
EnableUPnP = true;
|
EnableUPnP = true;
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
using Funq;
|
using Funq;
|
||||||
using MediaBrowser.Common;
|
using MediaBrowser.Common;
|
||||||
using MediaBrowser.Common.Extensions;
|
using MediaBrowser.Common.Extensions;
|
||||||
|
using MediaBrowser.Controller.Configuration;
|
||||||
using MediaBrowser.Controller.Net;
|
using MediaBrowser.Controller.Net;
|
||||||
using MediaBrowser.Model.Logging;
|
using MediaBrowser.Model.Logging;
|
||||||
using MediaBrowser.Server.Implementations.HttpServer.SocketSharp;
|
using MediaBrowser.Server.Implementations.HttpServer.SocketSharp;
|
||||||
|
@ -43,6 +44,8 @@ namespace MediaBrowser.Server.Implementations.HttpServer
|
||||||
|
|
||||||
public string CertificatePath { get; private set; }
|
public string CertificatePath { get; private set; }
|
||||||
|
|
||||||
|
private readonly IServerConfigurationManager _config;
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
/// Gets the local end points.
|
/// Gets the local end points.
|
||||||
/// </summary>
|
/// </summary>
|
||||||
|
@ -63,12 +66,13 @@ namespace MediaBrowser.Server.Implementations.HttpServer
|
||||||
|
|
||||||
public HttpListenerHost(IApplicationHost applicationHost,
|
public HttpListenerHost(IApplicationHost applicationHost,
|
||||||
ILogManager logManager,
|
ILogManager logManager,
|
||||||
|
IServerConfigurationManager config,
|
||||||
string serviceName,
|
string serviceName,
|
||||||
string defaultRedirectPath,
|
string defaultRedirectPath, params Assembly[] assembliesWithServices)
|
||||||
params Assembly[] assembliesWithServices)
|
|
||||||
: base(serviceName, assembliesWithServices)
|
: base(serviceName, assembliesWithServices)
|
||||||
{
|
{
|
||||||
DefaultRedirectPath = defaultRedirectPath;
|
DefaultRedirectPath = defaultRedirectPath;
|
||||||
|
_config = config;
|
||||||
|
|
||||||
_logger = logManager.GetLogger("HttpServer");
|
_logger = logManager.GetLogger("HttpServer");
|
||||||
|
|
||||||
|
@ -115,7 +119,7 @@ namespace MediaBrowser.Server.Implementations.HttpServer
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
HostContext.GlobalResponseFilters.Add(new ResponseFilter(_logger).FilterResponse);
|
HostContext.GlobalResponseFilters.Add(new ResponseFilter(_logger, () => _config.Configuration.DenyIFrameEmbedding).FilterResponse);
|
||||||
}
|
}
|
||||||
|
|
||||||
public override void OnAfterInit()
|
public override void OnAfterInit()
|
||||||
|
|
|
@ -12,10 +12,12 @@ namespace MediaBrowser.Server.Implementations.HttpServer
|
||||||
{
|
{
|
||||||
private static readonly CultureInfo UsCulture = new CultureInfo("en-US");
|
private static readonly CultureInfo UsCulture = new CultureInfo("en-US");
|
||||||
private readonly ILogger _logger;
|
private readonly ILogger _logger;
|
||||||
|
private readonly Func<bool> _denyIframeEmbedding;
|
||||||
|
|
||||||
public ResponseFilter(ILogger logger)
|
public ResponseFilter(ILogger logger, Func<bool> denyIframeEmbedding)
|
||||||
{
|
{
|
||||||
_logger = logger;
|
_logger = logger;
|
||||||
|
_denyIframeEmbedding = denyIframeEmbedding;
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <summary>
|
/// <summary>
|
||||||
|
@ -28,7 +30,11 @@ namespace MediaBrowser.Server.Implementations.HttpServer
|
||||||
{
|
{
|
||||||
// Try to prevent compatibility view
|
// Try to prevent compatibility view
|
||||||
res.AddHeader("X-UA-Compatible", "IE=Edge");
|
res.AddHeader("X-UA-Compatible", "IE=Edge");
|
||||||
res.AddHeader("X-Frame-Options", "DENY");
|
|
||||||
|
if (_denyIframeEmbedding())
|
||||||
|
{
|
||||||
|
res.AddHeader("X-Frame-Options", "DENY");
|
||||||
|
}
|
||||||
|
|
||||||
var exception = dto as Exception;
|
var exception = dto as Exception;
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
using MediaBrowser.Common;
|
using MediaBrowser.Common;
|
||||||
|
using MediaBrowser.Controller.Configuration;
|
||||||
using MediaBrowser.Controller.Net;
|
using MediaBrowser.Controller.Net;
|
||||||
using MediaBrowser.Model.Logging;
|
using MediaBrowser.Model.Logging;
|
||||||
using ServiceStack.Logging;
|
using ServiceStack.Logging;
|
||||||
|
@ -15,17 +16,19 @@ namespace MediaBrowser.Server.Implementations.HttpServer
|
||||||
/// </summary>
|
/// </summary>
|
||||||
/// <param name="applicationHost">The application host.</param>
|
/// <param name="applicationHost">The application host.</param>
|
||||||
/// <param name="logManager">The log manager.</param>
|
/// <param name="logManager">The log manager.</param>
|
||||||
|
/// <param name="config">The configuration.</param>
|
||||||
/// <param name="serverName">Name of the server.</param>
|
/// <param name="serverName">Name of the server.</param>
|
||||||
/// <param name="defaultRedirectpath">The default redirectpath.</param>
|
/// <param name="defaultRedirectpath">The default redirectpath.</param>
|
||||||
/// <returns>IHttpServer.</returns>
|
/// <returns>IHttpServer.</returns>
|
||||||
public static IHttpServer CreateServer(IApplicationHost applicationHost,
|
public static IHttpServer CreateServer(IApplicationHost applicationHost,
|
||||||
ILogManager logManager,
|
ILogManager logManager,
|
||||||
|
IServerConfigurationManager config,
|
||||||
string serverName,
|
string serverName,
|
||||||
string defaultRedirectpath)
|
string defaultRedirectpath)
|
||||||
{
|
{
|
||||||
LogManager.LogFactory = new ServerLogFactory(logManager);
|
LogManager.LogFactory = new ServerLogFactory(logManager);
|
||||||
|
|
||||||
return new HttpListenerHost(applicationHost, logManager, serverName, defaultRedirectpath);
|
return new HttpListenerHost(applicationHost, logManager, config, serverName, defaultRedirectpath);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -431,7 +431,7 @@ namespace MediaBrowser.Server.Startup.Common
|
||||||
|
|
||||||
RegisterSingleInstance<ISearchEngine>(() => new SearchEngine(LogManager, LibraryManager, UserManager));
|
RegisterSingleInstance<ISearchEngine>(() => new SearchEngine(LogManager, LibraryManager, UserManager));
|
||||||
|
|
||||||
HttpServer = ServerFactory.CreateServer(this, LogManager, "Emby", "web/index.html");
|
HttpServer = ServerFactory.CreateServer(this, LogManager, ServerConfigurationManager, "Emby", "web/index.html");
|
||||||
RegisterSingleInstance(HttpServer, false);
|
RegisterSingleInstance(HttpServer, false);
|
||||||
progress.Report(10);
|
progress.Report(10);
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
using MediaBrowser.Common.Extensions;
|
using System.Text;
|
||||||
|
using MediaBrowser.Common.Extensions;
|
||||||
using MediaBrowser.Common.IO;
|
using MediaBrowser.Common.IO;
|
||||||
using MediaBrowser.Controller;
|
using MediaBrowser.Controller;
|
||||||
using MediaBrowser.Controller.Configuration;
|
using MediaBrowser.Controller.Configuration;
|
||||||
|
@ -16,6 +17,7 @@ using System.Collections.Generic;
|
||||||
using System.IO;
|
using System.IO;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
|
using WebMarkupMin.Core.Minifiers;
|
||||||
|
|
||||||
namespace MediaBrowser.WebDashboard.Api
|
namespace MediaBrowser.WebDashboard.Api
|
||||||
{
|
{
|
||||||
|
@ -308,6 +310,11 @@ namespace MediaBrowser.WebDashboard.Api
|
||||||
File.Delete(Path.Combine(path, "thirdparty", "jquerymobile-1.4.5", "jquery.mobile-1.4.5.min.map"));
|
File.Delete(Path.Combine(path, "thirdparty", "jquerymobile-1.4.5", "jquery.mobile-1.4.5.min.map"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
MinifyCssDirectory(Path.Combine(path, "css"));
|
||||||
|
MinifyJsDirectory(Path.Combine(path, "scripts"));
|
||||||
|
MinifyJsDirectory(Path.Combine(path, "thirdparty", "apiclient"));
|
||||||
|
MinifyJsDirectory(Path.Combine(path, "voice"));
|
||||||
|
|
||||||
await DumpHtml(creator.DashboardUIPath, path, mode, culture, appVersion);
|
await DumpHtml(creator.DashboardUIPath, path, mode, culture, appVersion);
|
||||||
await DumpJs(creator.DashboardUIPath, path, mode, culture, appVersion);
|
await DumpJs(creator.DashboardUIPath, path, mode, culture, appVersion);
|
||||||
|
|
||||||
|
@ -317,6 +324,60 @@ namespace MediaBrowser.WebDashboard.Api
|
||||||
return "";
|
return "";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private void MinifyCssDirectory(string path)
|
||||||
|
{
|
||||||
|
foreach (var file in Directory.GetFiles(path, "*.css", SearchOption.AllDirectories))
|
||||||
|
{
|
||||||
|
try
|
||||||
|
{
|
||||||
|
var text = File.ReadAllText(file, Encoding.UTF8);
|
||||||
|
|
||||||
|
var result = new KristensenCssMinifier().Minify(text, false, Encoding.UTF8);
|
||||||
|
|
||||||
|
if (result.Errors.Count > 0)
|
||||||
|
{
|
||||||
|
Logger.Error("Error minifying css: " + result.Errors[0].Message);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
text = result.MinifiedContent;
|
||||||
|
File.WriteAllText(file, text, Encoding.UTF8);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
catch (Exception ex)
|
||||||
|
{
|
||||||
|
Logger.ErrorException("Error minifying css", ex);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private void MinifyJsDirectory(string path)
|
||||||
|
{
|
||||||
|
foreach (var file in Directory.GetFiles(path, "*.js", SearchOption.AllDirectories))
|
||||||
|
{
|
||||||
|
try
|
||||||
|
{
|
||||||
|
var text = File.ReadAllText(file, Encoding.UTF8);
|
||||||
|
|
||||||
|
var result = new CrockfordJsMinifier().Minify(text, false, Encoding.UTF8);
|
||||||
|
|
||||||
|
if (result.Errors.Count > 0)
|
||||||
|
{
|
||||||
|
Logger.Error("Error minifying javascript: " + result.Errors[0].Message);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
text = result.MinifiedContent;
|
||||||
|
File.WriteAllText(file, text, Encoding.UTF8);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
catch (Exception ex)
|
||||||
|
{
|
||||||
|
Logger.ErrorException("Error minifying css", ex);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
private async Task DumpHtml(string source, string destination, string mode, string culture, string appVersion)
|
private async Task DumpHtml(string source, string destination, string mode, string culture, string appVersion)
|
||||||
{
|
{
|
||||||
foreach (var file in Directory.GetFiles(source, "*.html", SearchOption.TopDirectoryOnly))
|
foreach (var file in Directory.GetFiles(source, "*.html", SearchOption.TopDirectoryOnly))
|
||||||
|
|
|
@ -548,7 +548,6 @@ namespace MediaBrowser.WebDashboard.Api
|
||||||
"nowplayingbar.js",
|
"nowplayingbar.js",
|
||||||
"alphapicker.js",
|
"alphapicker.js",
|
||||||
"directorybrowser.js",
|
"directorybrowser.js",
|
||||||
"indexpage.js",
|
|
||||||
"moviecollections.js",
|
"moviecollections.js",
|
||||||
"notifications.js",
|
"notifications.js",
|
||||||
"remotecontrol.js",
|
"remotecontrol.js",
|
||||||
|
|
|
@ -120,6 +120,9 @@
|
||||||
<Content Include="dashboard-ui\scripts\htmlmediarenderer.js">
|
<Content Include="dashboard-ui\scripts\htmlmediarenderer.js">
|
||||||
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
|
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
|
||||||
</Content>
|
</Content>
|
||||||
|
<Content Include="dashboard-ui\scripts\sections.js">
|
||||||
|
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
|
||||||
|
</Content>
|
||||||
<Content Include="dashboard-ui\thirdparty\apiclient\localassetmanager.js">
|
<Content Include="dashboard-ui\thirdparty\apiclient\localassetmanager.js">
|
||||||
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
|
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
|
||||||
</Content>
|
</Content>
|
||||||
|
|
Loading…
Reference in New Issue
Block a user