Add Content-Security-Policy in Authelia web pages

pull/175/head
Clement Michaud 2017-10-19 22:30:59 +02:00
parent a3560ef8d3
commit 969561f4ad
10 changed files with 68 additions and 88 deletions

View File

@ -1,6 +1,6 @@
body { body {
background-image: url("data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSI1NiIgaGVpZ2h0PSIxMDAiPgo8cmVjdCB3aWR0aD0iNTYiIGhlaWdodD0iMTAwIiBmaWxsPSIjRkZGRkZGIj48L3JlY3Q+CjxwYXRoIGQ9Ik0yOCA2NkwwIDUwTDAgMTZMMjggMEw1NiAxNkw1NiA1MEwyOCA2NkwyOCAxMDAiIGZpbGw9Im5vbmUiIHN0cm9rZT0iI0ZDRkNGQyIgc3Ryb2tlLXdpZHRoPSIyIj48L3BhdGg+CjxwYXRoIGQ9Ik0yOCAwTDI4IDM0TDAgNTBMMCA4NEwyOCAxMDBMNTYgODRMNTYgNTBMMjggMzQiIGZpbGw9Im5vbmUiIHN0cm9rZT0iI0ZCRkJGQiIgc3Ryb2tlLXdpZHRoPSIyIj48L3BhdGg+Cjwvc3ZnPg=="); background-image: url("/img/background.svg");
} }
.authelia-brand { .authelia-brand {

View File

@ -0,0 +1,5 @@
<svg xmlns="http://www.w3.org/2000/svg" width="56" height="100">
<rect width="56" height="100" fill="#FFFFFF"></rect>
<path d="M28 66L0 50L0 16L28 0L56 16L56 50L28 66L28 100" fill="none" stroke="#FCFCFC" stroke-width="2"></path>
<path d="M28 0L28 34L0 50L0 84L28 100L56 84L56 50L28 34" fill="none" stroke="#FBFBFB" stroke-width="2"></path>
</svg>

After

Width:  |  Height:  |  Size: 347 B

View File

@ -10,27 +10,22 @@ import ResetPasswordForm from "./lib/reset-password/reset-password-form";
import jslogger = require("js-logger"); import jslogger = require("js-logger");
import jQuery = require("jquery"); import jQuery = require("jquery");
import U2fApi = require("u2f-api"); import U2fApi = require("u2f-api");
import Endpoints = require("../../shared/api");
jslogger.useDefaults(); jslogger.useDefaults();
jslogger.setLevel(jslogger.INFO); jslogger.setLevel(jslogger.INFO);
export = { (function () {
firstfactor: function () { if (window.location.pathname == Endpoints.FIRST_FACTOR_GET)
FirstFactor(window, jQuery, FirstFactorValidator, jslogger); FirstFactor(window, jQuery, FirstFactorValidator, jslogger);
}, else if (window.location.pathname == Endpoints.SECOND_FACTOR_GET)
secondfactor: function () { SecondFactor(window, jQuery, U2fApi);
SecondFactor(window, jQuery, U2fApi); else if (window.location.pathname == Endpoints.SECOND_FACTOR_TOTP_IDENTITY_FINISH_GET)
}, TOTPRegister(window, jQuery);
register_totp: function() { else if (window.location.pathname == Endpoints.SECOND_FACTOR_U2F_IDENTITY_FINISH_GET)
TOTPRegister(window, jQuery); U2fRegister(window, jQuery);
}, else if (window.location.pathname == Endpoints.RESET_PASSWORD_IDENTITY_FINISH_GET)
register_u2f: function () { ResetPasswordForm(window, jQuery);
U2fRegister(window, jQuery); else if (window.location.pathname == Endpoints.RESET_PASSWORD_REQUEST_GET)
}, ResetPasswordRequest(window, jQuery);
reset_password_request: function () { })();
ResetPasswordRequest(window, jQuery);
},
reset_password_form: function () {
ResetPasswordForm(window, jQuery);
}
};

View File

@ -15,7 +15,4 @@ block content
<!-- <label class="checkbox pull-left"><input type="checkbox" value="remember-me">Remember me</label> --> <!-- <label class="checkbox pull-left"><input type="checkbox" value="remember-me">Remember me</label> -->
a(href=reset_password_request_endpoint, class="pull-right link forgot-password") Forgot password? a(href=reset_password_request_endpoint, class="pull-right link forgot-password") Forgot password?
<span class="clearfix"></span> <span class="clearfix"></span>
</form> </form>
block entrypoint
<script>authelia.firstfactor();</script>

View File

@ -1,31 +1,32 @@
block variables block variables
html html
head head
title Authelia - 2FA title Authelia - 2FA
meta(name="viewport", content="width=device-width, initial-scale=1.0")/ meta(name="viewport", content="width=device-width, initial-scale=1.0")/
meta(name="robots", content="noindex, nofollow, nosnippet, noarchive")/ meta(name="robots", content="noindex, nofollow, nosnippet, noarchive")/
link(rel="icon", href="/img/icon.png" type="image/png" sizes="32x32")/ meta(http-equiv="Content-Security-Policy", content="default-src 'self'; img-src 'self' data:;")/
link(rel="stylesheet", type="text/css", href="/css/authelia.css")/ link(rel="icon", href="/img/icon.png" type="image/png" sizes="32x32")/
if redirection_url link(rel="stylesheet", type="text/css", href="/css/authelia.css")/
<meta http-equiv="refresh" content="4;url=#{redirection_url}"> if redirection_url
body <meta http-equiv="refresh" content="4;url=#{redirection_url}">
<div class="container"> body
<div class="container">
<div class="row">
<div class="col-xs-12 col-sm-8 col-sm-offset-2 col-md-6 col-md-offset-3 col-lg-6 col-lg-offset-3">
<div class="account-wall #{page_classname}">
block form-header
<div class="row"> <div class="row">
<div class="col-xs-12 col-sm-8 col-sm-offset-2 col-md-6 col-md-offset-3 col-lg-6 col-lg-offset-3"> <div class="form col-xs-10 col-xs-offset-1 col-sm-8 col-sm-offset-2 col-md-8 col-md-offset-2">
<div class="account-wall #{page_classname}"> block content
block form-header </div>
<div class="row">
<div class="form col-xs-10 col-xs-offset-1 col-sm-8 col-sm-offset-2 col-md-8 col-md-offset-2">
block content
</div>
</div>
<div class="row poweredby-block">
<div class="poweredby col-xs-6 col-xs-offset-4 col-sm-6 col-sm-offset-4 col-md-6 col-md-offset-4">Powered by <a class="authelia-brand" href="https://github.com/clems4ever/authelia">Authelia</a></div>
</div>
</div>
</div>
</div> </div>
<div class="row poweredby-block">
<div class="poweredby col-xs-6 col-xs-offset-4 col-sm-6 col-sm-offset-4 col-md-6 col-md-offset-4">Powered by <a class="authelia-brand" href="https://github.com/clems4ever/authelia">Authelia</a></div>
</div>
</div>
</div> </div>
script(src="/js/authelia.js") </div>
block entrypoint </div>
block entrypoint
script(src="/js/authelia.js")

View File

@ -17,7 +17,4 @@ block content
</div> </div>
<button id="reset-password-button" class="btn btn-lg btn-primary btn-block" type="submit">Reset Password</button> <button id="reset-password-button" class="btn btn-lg btn-primary btn-block" type="submit">Reset Password</button>
<span class="clearfix"></span> <span class="clearfix"></span>
</form> </form>
block entrypoint
<script>authelia.reset_password_form();</script>

View File

@ -16,8 +16,4 @@ block content
</div> </div>
<button id="reset-password-button" class="btn btn-lg btn-primary btn-block" type="submit">Reset Password</button> <button id="reset-password-button" class="btn btn-lg btn-primary btn-block" type="submit">Reset Password</button>
<span class="clearfix"></span> <span class="clearfix"></span>
</form> </form>
block entrypoint
<script>authelia.reset_password_request();</script>

View File

@ -5,25 +5,20 @@ block form-header
<img class="header-img" src="../img/padlock.png" alt=""> <img class="header-img" src="../img/padlock.png" alt="">
block content block content
p Hi <b>#{username}</b>, please complete second factor or <a href="/logout">logout</a>. p Hi <b>#{username}</b>, please complete second factor or <a href="/logout">logout</a>.
<div class="notification notification-totp"></div> <div class="notification notification-totp"></div>
<form class="form-signin totp"> <form class="form-signin totp">
<div class="form-inputs"> <div class="form-inputs">
<input type="text" autocomplete="off" class="form-control" id="token" placeholder="Token" required autofocus> <input type="text" autocomplete="off" class="form-control" id="token" placeholder="Token" required autofocus>
</div> </div>
<button class="btn btn-lg btn-primary btn-block totp-button" type="submit">TOTP</button> <button class="btn btn-lg btn-primary btn-block totp-button" type="submit">TOTP</button>
a(href=totp_identity_start_endpoint, class="pull-right link register-totp") Need to register? a(href=totp_identity_start_endpoint, class="pull-right link register-totp") Need to register?
<span class="clearfix"></span> <span class="clearfix"></span>
</form> </form>
<hr> <hr>
<div class="notification notification-u2f"></div> <div class="notification notification-u2f"></div>
<form class="form-signin u2f"> <form class="form-signin u2f">
<button class="btn btn-lg btn-primary btn-block u2f-button" type="submit">U2F</button> <button class="btn btn-lg btn-primary btn-block u2f-button" type="submit">U2F</button>
a(href=u2f_identity_start_endpoint, class="pull-right link register-u2f") Need to register? a(href=u2f_identity_start_endpoint, class="pull-right link register-u2f") Need to register?
<span class="clearfix"></span> <span class="clearfix"></span>
</form> </form>
block entrypoint
<script>
| authelia.secondfactor();
</script>

View File

@ -14,6 +14,3 @@ block content
block entrypoint block entrypoint
<script src="/js/qrcode.min.js"></script> <script src="/js/qrcode.min.js"></script>
<script>
| authelia.register_totp();
</script>

View File

@ -8,7 +8,4 @@ block form-header
<p>Touch the token to register your U2F device.</p> <p>Touch the token to register your U2F device.</p>
block content block content
<img src="/img/pendrive.png" alt="pendrive" /> <img src="/img/pendrive.png" alt="pendrive" />
block entrypoint
<script>window.authelia.register_u2f()</script>