summaryrefslogtreecommitdiffstats
path: root/snap-src
diff options
context:
space:
mode:
authorLauri Ojansivu <x@xet7.org>2018-08-13 19:24:07 +0300
committerLauri Ojansivu <x@xet7.org>2018-08-13 19:24:07 +0300
commitb9929dc68297539a94d21950995e26e06745a263 (patch)
tree52783b89881e5315ae1f9e736b621122966e4ae5 /snap-src
parent79e464bf90171e1aabdee8470d0bcc5fd4339d5b (diff)
downloadwekan-b9929dc68297539a94d21950995e26e06745a263.tar.gz
wekan-b9929dc68297539a94d21950995e26e06745a263.tar.bz2
wekan-b9929dc68297539a94d21950995e26e06745a263.zip
- When Content Policy is enabled, allow one URL to have iframe that embeds Wekan
- Add option to turn off Content Policy - Allow always in Wekan markdown <img src="any-image-url-here"> Thanks to xet7 ! Closes #1676
Diffstat (limited to 'snap-src')
-rwxr-xr-xsnap-src/bin/config12
-rwxr-xr-xsnap-src/bin/wekan-help15
2 files changed, 26 insertions, 1 deletions
diff --git a/snap-src/bin/config b/snap-src/bin/config
index 9aa2841e..2c50c074 100755
--- a/snap-src/bin/config
+++ b/snap-src/bin/config
@@ -3,7 +3,7 @@
# All supported keys are defined here together with descriptions and default values
# list of supported keys
-keys="MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME"
+keys="MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL"
# default values
DESCRIPTION_MONGODB_BIND_UNIX_SOCKET="mongodb binding unix socket:\n"\
@@ -67,3 +67,13 @@ KEY_MATOMO_DO_NOT_TRACK="matomo-do-not-track"
DESCRIPTION_MATOMO_WITH_USERNAME="The option that allows matomo to retrieve the username"
DEFAULT_MATOMO_WITH_USERNAME="false"
KEY_MATOMO_WITH_USERNAME="matomo-with-username"
+
+DESCRIPTION_BROWSER_POLICY_ENABLED="Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside.\n"\
+"\t\t\t Setting this to false is not recommended, it also disables all other browser policy protections\n"\
+"\t\t\t and allows all iframing etc. See wekan/server/policy.js"
+DEFAULT_BROWSER_POLICY_ENABLED="true"
+KEY_BROWSER_POLICY_ENABLED="browser-policy-enabled"
+
+DESCRIPTION_TRUSTED_URL="When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside."
+DEFAULT_TRUSTED_URL=""
+KEY_TRUSTED_URL="trusted-url"
diff --git a/snap-src/bin/wekan-help b/snap-src/bin/wekan-help
index 5c3f9b31..49270fb2 100755
--- a/snap-src/bin/wekan-help
+++ b/snap-src/bin/wekan-help
@@ -32,6 +32,21 @@ echo -e "To enable the API of wekan:"
echo -e "\t$ snap set $SNAP_NAME WITH_API='true'"
echo -e "\t-Disable the API:"
echo -e "\t$ snap set $SNAP_NAME WITH_API='false'"
+echo -e "\n"
+echo -e "Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside."
+echo -e "\t\t Setting this to false is not recommended, it also disables all other browser policy protections"
+echo -e "\t\t and allows all iframing etc. See wekan/server/policy.js"
+echo -e "To enable the Content Policy of Wekan:"
+echo -e "\t$ snap set $SNAP_NAME CONTENT_POLICY_ENABLED='true'"
+echo -e "\t-Disable the Content Policy of Wekan:"
+echo -e "\t$ snap set $SNAP_NAME CONTENT_POLICY_ENABLED='false'"
+echo -e "\n"
+echo -e "When browser policy is enabled, HTML code at this URL can have iframe that embeds Wekan inside."
+echo -e "To enable the Trusted URL of Wekan:"
+echo -e "\t$ snap set $SNAP_NAME TRUSTED_URL='https://example.com'"
+echo -e "\t-Disable the Trusted URL of Wekan:"
+echo -e "\t$ snap set $SNAP_NAME TRUSTED_URL=''"
+echo -e "\n"
# parse config file for supported settings keys
echo -e "wekan supports settings keys"
echo -e "values can be changed by calling\n$ snap set $SNAP_NAME <key name>='<key value>'"