[connect | Trunk]

Server.ts: add x-frames headers to sameorigin, but allow for specific domains piwikHelper: add community pids git-svn-id: https://svn.driver.research-infrastructures.eu/driver/dnet40/modules/uoa-connect-portal/trunk@57604 d315682c-612b-4755-9ff5-7f18f6832af3
2019-11-14 10:12:48 +00:00 · 2019-11-14 10:12:48 +00:00 · 94ee4c76a9
parent 771ab82c7b
commit 94ee4c76a9
4 changed files with 24 additions and 5 deletions
--- a/server.ts
+++ b/server.ts
@ -27,6 +27,7 @@ import {ngExpressEngine, RenderOptions} from '@nguniversal/express-engine';
 // Import module map for lazy loading
 import { provideModuleMap } from '@nguniversal/module-map-ngfactory-loader';
 import {REQUEST, RESPONSE} from "@nguniversal/express-engine/tokens";
+import {isArray} from "util";

 // Our Universal express-engine (found @ https://github.com/angular/universal/tree/master/modules/express-engine)
 // app.engine('html', ngExpressEngine({
@ -63,6 +64,21 @@ app.engine('html', (_, options: any, callback) => {

 app.set('view engine', 'html');
 app.set('views', join(DIST_FOLDER, 'browser'));
+// Allow frames from specific domains
+app.use(function (req, res, next) {
+  var XFRAME_WHITELIST = [ 'http://scoobydoo.di.uoa.gr/frames.html', 'http://scoobydoo.di.uoa.gr:5000/customize-layout', 'https://beta.admin.connect.openaire.eu/customize-layout','https://admin.connect.openaire.eu/customize-layout'  ];
+  let referer:string;
+  if(req.headers.referer){
+    referer = isArray(req.headers.referer)?req.headers.referer[0]:req.headers.referer;
+    referer = referer.split("?")[0];
+  }
+  if (  referer &&  XFRAME_WHITELIST.indexOf(referer) != -1 ) {
+    // res.header('X-FRAME-OPTIONS', 'allow from ' +req.headers.referer);
+  }else {
+    res.header('X-FRAME-OPTIONS', 'SAMEORIGIN');
+  }
+  next();
+});

 /* - Example Express Rest API endpoints -
  app.get('/api/**', (req, res) => { });
--- a/src/app/app.component.ts
+++ b/src/app/app.component.ts
@ -98,7 +98,6 @@ export class AppComponent {
          this.user = user;
          this.init();
        });
-        this.init();
      }, error => {
        console.log("App couldn't fetch properties");
        console.log(error);
--- a/src/app/utils/piwikHelper.ts
+++ b/src/app/utils/piwikHelper.ts
@ -13,7 +13,9 @@ export class PiwikHelper{
    "rda":90,
    "aginfra":93,
    "clarin":100,
-    "dariah":103
+    "dariah":103,
+    "epos": 217,
+    "beopen": 218
  };
  public static siteIDsProduction={
    "connect": 112,
@ -29,7 +31,9 @@ export class PiwikHelper{
    "rda":'',
    "aginfra":'',
    "clarin":'',
-    "dariah":''
+    "dariah":'',
+    "epos": null,
+    "beopen" :null
  };
  public static getSiteId(communityId:string, environment:string){
    if(environment == 'production'){
--- a/src/assets/env-properties.json
+++ b/src/assets/env-properties.json
@ -38,9 +38,9 @@

  "piwikBaseUrl" :"https://analytics.openaire.eu/piwik.php?idsite=",
  "piwikSiteId" : "80",
-  "loginUrl" :"http://rudie.di.uoa.gr:8080/dnet-login/openid_connect_login",
+  "loginUrl" :"http://scoobydoo.di.uoa.gr:8080/dnet-openaire-users-1.0.0-SNAPSHOT/openid_connect_login",

-  "userInfoUrl" : "http://rudie.di.uoa.gr:8080/dnet-openaire-users-1.0.0-SNAPSHOT/api/users/getUserInfo?accessToken=",
+  "userInfoUrl" : "http://scoobydoo.di.uoa.gr:8080/dnet-openaire-users-1.0.0-SNAPSHOT/api/users/getUserInfo?accessToken=",

  "logoutUrl" :"https://aai.openaire.eu/proxy/saml2/idp/SingleLogoutService.php?ReturnTo=",