authelia

Commit Graph

Author	SHA1	Message	Date
Amir Zarrinkafsh	f8bd506326	[FEATURE] Embed static assets in Go binary (#916 ) * [FEATURE] Embed static assets in Go binary * Refactor/consolidate code and specify public_html via configuration * Update docs and config template for assets * Update AUR package pre-requisites and systemd unit * Include static assets as Buildkite and GitHub artifacts * Remove references to PUBLIC_DIR * Only serve assets via embedded filesystem and remove configuration references * Update authelia-scripts helper to build the embedded filesystem * Mock the embedded filesystem for unit tests Add to gitignore to ensure this isn't overwritten. * Move go:generate to satisfy linter	2020-04-29 00:07:20 +10:00
Amir Zarrinkafsh	54694c4fca	[MISC] Ignore errcheck recommendations for legacy code (#893 ) * [MISC] Ignore errcheck recommendations for legacy code Some of this is likely intended to stay how it is, some could use refactoring, for now we will mark is and ignore it from the linter to be potentially addressed in the future. * [MISC] Ensure files are gofmt-ed	2020-04-22 13:33:14 +10:00
Clément Michaud	b12d9d405f	[FEATURE] Add Content-Security-Policy meta to login portal. (#822 ) CSP is used to avoid some attacks where the hacker tries to execute untrusted code in the browser. The policy is to use assets hosted on the the original website and in order to make CSP work with material UI, a nonce is generated at each request of index.html and injected in the template as well as provided in the Content-Security-Policy header (https://material-ui.com/styles/advanced/#how-does-one-implement-csp) Fix #815	2020-04-21 10:23:28 +10:00

Author

SHA1

Message

Date

Amir Zarrinkafsh

f8bd506326

[FEATURE] Embed static assets in Go binary (#916 )

* [FEATURE] Embed static assets in Go binary

* Refactor/consolidate code and specify public_html via configuration

* Update docs and config template for assets

* Update AUR package pre-requisites and systemd unit

* Include static assets as Buildkite and GitHub artifacts

* Remove references to PUBLIC_DIR

* Only serve assets via embedded filesystem and remove configuration references

* Update authelia-scripts helper to build the embedded filesystem

* Mock the embedded filesystem for unit tests
Add to gitignore to ensure this isn't overwritten.

* Move go:generate to satisfy linter

2020-04-29 00:07:20 +10:00

Amir Zarrinkafsh

54694c4fca

[MISC] Ignore errcheck recommendations for legacy code (#893 )

* [MISC] Ignore errcheck recommendations for legacy code
Some of this is likely intended to stay how it is, some could use refactoring, for now we will mark is and ignore it from the linter to be potentially addressed in the future.

* [MISC] Ensure files are gofmt-ed

2020-04-22 13:33:14 +10:00

Clément Michaud

b12d9d405f

[FEATURE] Add Content-Security-Policy meta to login portal. (#822 )

CSP is used to avoid some attacks where the hacker tries to execute
untrusted code in the browser.

The policy is to use assets hosted on the the original website and in order to make CSP work with material UI, a nonce is generated at each request of index.html and injected in the template as well as provided in the Content-Security-Policy header (https://material-ui.com/styles/advanced/#how-does-one-implement-csp)

Fix #815

2020-04-21 10:23:28 +10:00

3 Commits (3f374534abb33b5d03dd0fa4e5a01b3e08475c46)