r4sas
/
webogram-i2p
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

Enable CSP by default

master
Igor Zhukov 11 years ago
parent
b4acbc0082
commit
ab5f85c63e
3 changed files with 2 additions and 13 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      README.md
  2. 2
      app/index.html
  3. 9
      gulpfile.js

4
README.md
Unescape View File

@ -67,10 +67,6 @@ Install [node.js](http://nodejs.org/) and run `node server.js`. Open page http:/
#### Running as Chrome Packaged App #### Running as Chrome Packaged App
It is possible to run this application in Chrome browser as a packaged app. In order to do this, open this URL in Chrome: `chrome://extensions/`, then tick "Developer mode" and press "Load unpacked extension...". Select the downloaded `app` folder and Webogram application should appear in the list. It is possible to run this application in Chrome browser as a packaged app. In order to do this, open this URL in Chrome: `chrome://extensions/`, then tick "Developer mode" and press "Load unpacked extension...". Select the downloaded `app` folder and Webogram application should appear in the list.
Also it's necessary to replace following line in index.html:
```<html lang="en" ng-app="myApp"><!-- ng-csp=""-->```
with:
```<html lang="en" ng-app="myApp" ng-csp="">```
You can also download this application from Chrome Web Store: [chrome.google.com/webstore/detail/telegram-unofficial/clhhggbfdinjmjhajaheehoeibfljjno](https://chrome.google.com/webstore/detail/telegram-unofficial/clhhggbfdinjmjhajaheehoeibfljjno). This is more secure way to use app than plain HTTP in web, because sources are downloaded only once and via HTTPS. You can also download this application from Chrome Web Store: [chrome.google.com/webstore/detail/telegram-unofficial/clhhggbfdinjmjhajaheehoeibfljjno](https://chrome.google.com/webstore/detail/telegram-unofficial/clhhggbfdinjmjhajaheehoeibfljjno). This is more secure way to use app than plain HTTP in web, because sources are downloaded only once and via HTTPS.

2
app/index.html
Unescape View File

@ -1,5 +1,5 @@
<!doctype html> <!doctype html>
<html lang="en" ng-app="myApp" manifest="webogram.appcache"><!-- ng-csp="" --> <html lang="en" ng-app="myApp" manifest="webogram.appcache" ng-csp="">
<head> <head>
<meta charset="utf-8"> <meta charset="utf-8">
<meta name="viewport" content="width=device-width, user-scalable=no"> <meta name="viewport" content="width=device-width, user-scalable=no">

9
gulpfile.js
Unescape View File

@ -62,7 +62,7 @@ gulp.task('copy', function() {
); );
}); });
gulp.task('compress-dist', ['add-csp'], function() { gulp.task('compress-dist', function() {
return gulp.src('**/*', {cwd: path.join(process.cwd(), '/dist')}) return gulp.src('**/*', {cwd: path.join(process.cwd(), '/dist')})
.pipe($.zip('webogram_v' + pj.version + '.zip')) .pipe($.zip('webogram_v' + pj.version + '.zip'))
.pipe(gulp.dest('releases')); .pipe(gulp.dest('releases'));
@ -72,12 +72,6 @@ gulp.task('cleanup-dist', ['compress-dist'], function() {
return gulp.src(['releases/**/*', '!releases/*.zip']).pipe($.clean()); return gulp.src(['releases/**/*', '!releases/*.zip']).pipe($.clean());
}); });
gulp.task('add-csp', ['build'], function() {
return gulp.src('dist/index.html')
.pipe($.replace(/<html(.*?)>/, '<html$1 ng-csp="">'))
.pipe(gulp.dest('dist'));
});
gulp.task('update-version-manifests', function() { gulp.task('update-version-manifests', function() {
return gulp.src(['app/manifest.webapp', 'app/manifest.json']) return gulp.src(['app/manifest.webapp', 'app/manifest.json'])
.pipe($.replace(/"version": ".*",/, '"version": "' + pj.version + '",')) .pipe($.replace(/"version": ".*",/, '"version": "' + pj.version + '",'))
@ -177,7 +171,6 @@ gulp.task('package-dev', function() {
.pipe(gulp.dest('dist_package/vendor')), .pipe(gulp.dest('dist_package/vendor')),
gulp.src('app/**/*.html') gulp.src('app/**/*.html')
.pipe($.replace(/<html(.*?)>/, '<html$1 ng-csp="">'))
.pipe($.replace(/PRODUCTION_ONLY_BEGIN/g, 'PRODUCTION_ONLY_BEGIN-->')) .pipe($.replace(/PRODUCTION_ONLY_BEGIN/g, 'PRODUCTION_ONLY_BEGIN-->'))
.pipe($.replace(/PRODUCTION_ONLY_END/, '<!--PRODUCTION_ONLY_END')) .pipe($.replace(/PRODUCTION_ONLY_END/, '<!--PRODUCTION_ONLY_END'))
.pipe(gulp.dest('dist_package')), .pipe(gulp.dest('dist_package')),

Write Preview
Loading…
Cancel
Save