[connect | Trunk]

Server.ts: add x-frames headers to sameorigin, but allow for specific domains

piwikHelper: add community pids




git-svn-id: https://svn.driver.research-infrastructures.eu/driver/dnet40/modules/uoa-connect-portal/trunk@57604 d315682c-612b-4755-9ff5-7f18f6832af3

server.ts

@@ -27,6 +27,7 @@ import {ngExpressEngine, RenderOptions} from '@nguniversal/express-engine';
 // Import module map for lazy loading
 import { provideModuleMap } from '@nguniversal/module-map-ngfactory-loader';
 import {REQUEST, RESPONSE} from "@nguniversal/express-engine/tokens";
+import {isArray} from "util";
 
 // Our Universal express-engine (found @ https://github.com/angular/universal/tree/master/modules/express-engine)
 // app.engine('html', ngExpressEngine({
@@ -63,6 +64,21 @@ app.engine('html', (_, options: any, callback) => {
 
 app.set('view engine', 'html');
 app.set('views', join(DIST_FOLDER, 'browser'));
+// Allow frames from specific domains
+app.use(function (req, res, next) {
+  var XFRAME_WHITELIST = [ 'http://scoobydoo.di.uoa.gr/frames.html', 'http://scoobydoo.di.uoa.gr:5000/customize-layout', 'https://beta.admin.connect.openaire.eu/customize-layout','https://admin.connect.openaire.eu/customize-layout'  ];
+  let referer:string;
+  if(req.headers.referer){
+    referer = isArray(req.headers.referer)?req.headers.referer[0]:req.headers.referer;
+    referer = referer.split("?")[0];
+  }
+  if (  referer &&  XFRAME_WHITELIST.indexOf(referer) != -1 ) {
+    // res.header('X-FRAME-OPTIONS', 'allow from ' +req.headers.referer);
+  }else {
+    res.header('X-FRAME-OPTIONS', 'SAMEORIGIN');
+  }
+  next();
+});
 
 /* - Example Express Rest API endpoints -
   app.get('/api/**', (req, res) => { });

src/app/app.component.ts

@@ -98,7 +98,6 @@ export class AppComponent {
           this.user = user;
           this.init();
         });
-        this.init();
       }, error => {
         console.log("App couldn't fetch properties");
         console.log(error);

src/app/utils/piwikHelper.ts

@@ -13,7 +13,9 @@ export class PiwikHelper{
     "rda":90,
     "aginfra":93,
     "clarin":100,
-    "dariah":103
+    "dariah":103,
+    "epos": 217,
+    "beopen": 218
   };
   public static siteIDsProduction={
     "connect": 112,
@@ -29,7 +31,9 @@ export class PiwikHelper{
     "rda":'',
     "aginfra":'',
     "clarin":'',
-    "dariah":''
+    "dariah":'',
+    "epos": null,
+    "beopen" :null
   };
   public static getSiteId(communityId:string, environment:string){
     if(environment == 'production'){

src/assets/env-properties.json

@@ -38,9 +38,9 @@
 
   "piwikBaseUrl" :"https://analytics.openaire.eu/piwik.php?idsite=",
   "piwikSiteId" : "80",
-  "loginUrl" :"http://rudie.di.uoa.gr:8080/dnet-login/openid_connect_login",
+  "loginUrl" :"http://scoobydoo.di.uoa.gr:8080/dnet-openaire-users-1.0.0-SNAPSHOT/openid_connect_login",
 
-  "userInfoUrl" : "http://rudie.di.uoa.gr:8080/dnet-openaire-users-1.0.0-SNAPSHOT/api/users/getUserInfo?accessToken=",
+  "userInfoUrl" : "http://scoobydoo.di.uoa.gr:8080/dnet-openaire-users-1.0.0-SNAPSHOT/api/users/getUserInfo?accessToken=",
 
   "logoutUrl" :"https://aai.openaire.eu/proxy/saml2/idp/SingleLogoutService.php?ReturnTo=",