Can now switch to the bootstrap ui at runtime with ?sitestyle=3 in the url.

Ylian Saint-Hilaire 2024-11-03 09:34:26 -08:00
parent 7928f7fb30
commit c09d2fad3e
2 changed files with 28 additions and 28 deletions


@ -62,4 +62,4 @@
"url": "https://github.com/Ylianst/MeshCentral.git" "url": "https://github.com/Ylianst/MeshCentral.git"
}, },
"readme": "readme.md" "readme": "readme.md"
} }


@ -1969,28 +1969,28 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
var idsplit = cookie.u.split('/'); var idsplit = cookie.u.split('/');
if ((idsplit.length != 3) || (idsplit[1] != domain.id)) { if ((idsplit.length != 3) || (idsplit[1] != domain.id)) {
parent.debug('web', 'handleCheckMailRequest: Invalid domain.'); parent.debug('web', 'handleCheckMailRequest: Invalid domain.');
render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 1, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain)); render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 1, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain));
} else { } else {
obj.db.Get(cookie.u, function (err, docs) { obj.db.Get(cookie.u, function (err, docs) {
if (docs.length == 0) { if (docs.length == 0) {
parent.debug('web', 'handleCheckMailRequest: Invalid username.'); parent.debug('web', 'handleCheckMailRequest: Invalid username.');
render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 2, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27'), arg1: encodeURIComponent(idsplit[1]).replace(/'/g, '%27') }, req, domain)); render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 2, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27'), arg1: encodeURIComponent(idsplit[1]).replace(/'/g, '%27') }, req, domain));
} else { } else {
var user = docs[0]; var user = docs[0];
if (user.email != cookie.e) { if (user.email != cookie.e) {
parent.debug('web', 'handleCheckMailRequest: Invalid e-mail.'); parent.debug('web', 'handleCheckMailRequest: Invalid e-mail.');
render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 3, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27'), arg1: encodeURIComponent(user.email).replace(/'/g, '%27'), arg2: encodeURIComponent(user.name).replace(/'/g, '%27') }, req, domain)); render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 3, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27'), arg1: encodeURIComponent(user.email).replace(/'/g, '%27'), arg2: encodeURIComponent(user.name).replace(/'/g, '%27') }, req, domain));
} else { } else {
if (cookie.a == 1) { if (cookie.a == 1) {
// Account email verification // Account email verification
if (user.emailVerified == true) { if (user.emailVerified == true) {
parent.debug('web', 'handleCheckMailRequest: email already verified.'); parent.debug('web', 'handleCheckMailRequest: email already verified.');
render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 4, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27'), arg1: encodeURIComponent(user.email).replace(/'/g, '%27'), arg2: encodeURIComponent(user.name).replace(/'/g, '%27') }, req, domain)); render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 4, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27'), arg1: encodeURIComponent(user.email).replace(/'/g, '%27'), arg2: encodeURIComponent(user.name).replace(/'/g, '%27') }, req, domain));
} else { } else {
obj.db.GetUserWithVerifiedEmail(domain.id, user.email, function (err, docs) { obj.db.GetUserWithVerifiedEmail(domain.id, user.email, function (err, docs) {
if ((docs.length > 0) && (docs.find(function (u) { return (u._id === user._id); }) < 0)) { if ((docs.length > 0) && (docs.find(function (u) { return (u._id === user._id); }) < 0)) {
parent.debug('web', 'handleCheckMailRequest: email already in use.'); parent.debug('web', 'handleCheckMailRequest: email already in use.');
render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 5, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27'), arg1: encodeURIComponent(user.email).replace(/'/g, '%27') }, req, domain)); render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 5, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27'), arg1: encodeURIComponent(user.email).replace(/'/g, '%27') }, req, domain));
} else { } else {
parent.debug('web', 'handleCheckMailRequest: email verification success.'); parent.debug('web', 'handleCheckMailRequest: email verification success.');
@ -2005,7 +2005,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
obj.parent.DispatchEvent(['*', 'server-users', user._id], obj, event); obj.parent.DispatchEvent(['*', 'server-users', user._id], obj, event);
// Send the confirmation page // Send the confirmation page
render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 6, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27'), arg1: encodeURIComponent(user.email).replace(/'/g, '%27'), arg2: encodeURIComponent(user.name).replace(/'/g, '%27') }, req, domain)); render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 6, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27'), arg1: encodeURIComponent(user.email).replace(/'/g, '%27'), arg2: encodeURIComponent(user.name).replace(/'/g, '%27') }, req, domain));
// Send a notification // Send a notification
obj.parent.DispatchEvent([user._id], obj, { action: 'notify', title: 'Email verified', value: user.email, nolog: 1, id: Math.random() }); obj.parent.DispatchEvent([user._id], obj, { action: 'notify', title: 'Email verified', value: user.email, nolog: 1, id: Math.random() });
@ -2019,7 +2019,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
// Account reset // Account reset
if (user.emailVerified != true) { if (user.emailVerified != true) {
parent.debug('web', 'handleCheckMailRequest: email not verified.'); parent.debug('web', 'handleCheckMailRequest: email not verified.');
render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 7, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27'), arg1: EscapeHtml(user.email), arg2: EscapeHtml(user.name) }, req, domain)); render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 7, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27'), arg1: EscapeHtml(user.email), arg2: EscapeHtml(user.name) }, req, domain));
} else { } else {
if (req.query.confirm == 1) { if (req.query.confirm == 1) {
// Set a temporary password // Set a temporary password
@ -2043,7 +2043,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
obj.parent.DispatchEvent(['*', 'server-users', user._id], obj, event); obj.parent.DispatchEvent(['*', 'server-users', user._id], obj, event);
// Send the new password // Send the new password
render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 8, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27'), arg1: EscapeHtml(user.name), arg2: EscapeHtml(newpass) }, req, domain)); render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 8, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27'), arg1: EscapeHtml(user.name), arg2: EscapeHtml(newpass) }, req, domain));
parent.debug('web', 'handleCheckMailRequest: send temporary password.'); parent.debug('web', 'handleCheckMailRequest: send temporary password.');
// Send to authLog // Send to authLog
@ -2053,18 +2053,18 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
} else { } else {
// Display a link for the user to confirm password reset // Display a link for the user to confirm password reset
// We must do this because GMail will also load this URL a few seconds after the user does and we don't want to cause two password resets. // We must do this because GMail will also load this URL a few seconds after the user does and we don't want to cause two password resets.
render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 14, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain)); render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 14, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain));
} }
} }
} else { } else {
render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 9, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain)); render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 9, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain));
} }
} }
} }
}); });
} }
} else { } else {
render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 10, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain)); render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 1, msgid: 10, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain));
} }
} }
} }
@ -2097,7 +2097,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
// Check if we are in maintenance mode // Check if we are in maintenance mode
if ((parent.config.settings.maintenancemode != null) && (req.query.loginscreen !== '1')) { if ((parent.config.settings.maintenancemode != null) && (req.query.loginscreen !== '1')) {
render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 3, msgid: 13, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain)); render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 3, msgid: 13, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain));
return; return;
} }
@ -2836,7 +2836,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
// Check if we are in maintenance mode // Check if we are in maintenance mode
if ((parent.config.settings.maintenancemode != null) && (req.query.loginscreen !== '1')) { if ((parent.config.settings.maintenancemode != null) && (req.query.loginscreen !== '1')) {
parent.debug('web', 'handleLoginRequest: Server under maintenance.'); parent.debug('web', 'handleLoginRequest: Server under maintenance.');
render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 3, msgid: 13, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain)); render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 3, msgid: 13, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain));
return; return;
} }
@ -3133,7 +3133,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
else if (args.webrtcconfig && (typeof args.webrtcconfig == 'object')) { webRtcConfig = encodeURIComponent(JSON.stringify(args.webrtcconfig)).replace(/'/g, '%27'); } else if (args.webrtcconfig && (typeof args.webrtcconfig == 'object')) { webRtcConfig = encodeURIComponent(JSON.stringify(args.webrtcconfig)).replace(/'/g, '%27'); }
// Refresh the session // Refresh the session
render(dbGetFunc.req, dbGetFunc.res, getRenderPage((domain.sitestyle == 3 ? 'default3' : 'default'), dbGetFunc.req, domain), getRenderArgs({ render(dbGetFunc.req, dbGetFunc.res, getRenderPage(((domain.sitestyle == 3) || (req.query.sitestyle == 3) ? 'default3' : 'default'), dbGetFunc.req, domain), getRenderArgs({
authCookie: authCookie, authCookie: authCookie,
authRelayCookie: authRelayCookie, authRelayCookie: authRelayCookie,
viewmode: viewmode, viewmode: viewmode,
@ -3377,7 +3377,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
// Render the login page // Render the login page
render(req, res, render(req, res,
getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'login2' : 'login', req, domain), getRenderPage((domain.sitestyle >= 2) ? 'login2' : 'login', req, domain),
getRenderArgs({ getRenderArgs({
loginmode: loginmode, loginmode: loginmode,
rootCertLink: getRootCertLink(domain), rootCertLink: getRootCertLink(domain),
@ -3412,7 +3412,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
tokenTimeout: twoFactorTimeout, // Two-factor authentication screen timeout in milliseconds, tokenTimeout: twoFactorTimeout, // Two-factor authentication screen timeout in milliseconds,
renderLanguages: obj.renderLanguages, renderLanguages: obj.renderLanguages,
showLanguageSelect: domain.showlanguageselect ? domain.showlanguageselect : false, showLanguageSelect: domain.showlanguageselect ? domain.showlanguageselect : false,
}, req, domain, (domain.sitestyle == 2 || domain.sitestyle == 3) ? 'login2' : 'login')); }, req, domain, (domain.sitestyle >= 2) ? 'login2' : 'login'));
} }
// Handle a post request on the root // Handle a post request on the root
@ -3616,7 +3616,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
// Check if we are in maintenance mode // Check if we are in maintenance mode
if (parent.config.settings.maintenancemode != null) { if (parent.config.settings.maintenancemode != null) {
render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 3, msgid: 13, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain)); render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 3, msgid: 13, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain));
return; return;
} }
@ -3770,10 +3770,10 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
setContentDispositionHeader(res, 'application/octet-stream', filename, null, 'file.bin'); setContentDispositionHeader(res, 'application/octet-stream', filename, null, 'file.bin');
try { res.sendFile(obj.path.resolve(__dirname, path)); } catch (e) { res.sendStatus(404); } try { res.sendFile(obj.path.resolve(__dirname, path)); } catch (e) { res.sendStatus(404); }
} else { } else {
render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'download2' : 'download', req, domain), getRenderArgs({ rootCertLink: getRootCertLink(domain), messageid: 1, fileurl: req.path + '?download=1', filename: filename, filesize: stat.size }, req, domain)); render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'download2' : 'download', req, domain), getRenderArgs({ rootCertLink: getRootCertLink(domain), messageid: 1, fileurl: req.path + '?download=1', filename: filename, filesize: stat.size }, req, domain));
} }
} else { } else {
render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'download2' : 'download', req, domain), getRenderArgs({ rootCertLink: getRootCertLink(domain), messageid: 2 }, req, domain)); render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'download2' : 'download', req, domain), getRenderArgs({ rootCertLink: getRootCertLink(domain), messageid: 2 }, req, domain));
} }
} }
@ -3985,7 +3985,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
} }
var imagefile = 'images/mainwelcome.jpg'; var imagefile = 'images/mainwelcome.jpg';
if (domain.sitestyle == 2 || domain.sitestyle == 3) { imagefile = 'images/login/back.png'; } if (domain.sitestyle >= 2) { imagefile = 'images/login/back.png'; }
if (domain.webpublicpath != null) { if (domain.webpublicpath != null) {
obj.fs.exists(obj.path.join(domain.webpublicpath, imagefile), function (exists) { obj.fs.exists(obj.path.join(domain.webpublicpath, imagefile), function (exists) {
if (exists) { if (exists) {
@ -4132,7 +4132,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
if (typeof c.pid != 'string') { res.sendStatus(404); return; } if (typeof c.pid != 'string') { res.sendStatus(404); return; }
// Check the expired time, expire message. // Check the expired time, expire message.
if ((c.e != null) && (c.e <= Date.now())) { render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 2, msgid: 12, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain)); return; } if ((c.e != null) && (c.e <= Date.now())) { render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 2, msgid: 12, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain)); return; }
obj.db.Get('deviceshare-' + c.pid, function (err, docs) { obj.db.Get('deviceshare-' + c.pid, function (err, docs) {
if ((err != null) || (docs == null) || (docs.length != 1)) { res.sendStatus(404); return; } if ((err != null) || (docs == null) || (docs.length != 1)) { res.sendStatus(404); return; }
@ -4178,17 +4178,17 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
// Serve the guest sharing page // Serve the guest sharing page
function handleSharingRequestEx(req, res, domain, c) { function handleSharingRequestEx(req, res, domain, c) {
// Check the expired time, expire message. // Check the expired time, expire message.
if ((c.expire != null) && (c.expire <= Date.now())) { render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 2, msgid: 12, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain)); return; } if ((c.expire != null) && (c.expire <= Date.now())) { render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 2, msgid: 12, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain)); return; }
// Check the public id // Check the public id
obj.db.GetAllTypeNodeFiltered([c.nid], domain.id, 'deviceshare', null, function (err, docs) { obj.db.GetAllTypeNodeFiltered([c.nid], domain.id, 'deviceshare', null, function (err, docs) {
// Check if any sharing links are present, expire message. // Check if any sharing links are present, expire message.
if ((err != null) || (docs.length == 0)) { render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 2, msgid: 12, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain)); return; } if ((err != null) || (docs.length == 0)) { render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 2, msgid: 12, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain)); return; }
// Search for the device share public identifier, expire message. // Search for the device share public identifier, expire message.
var found = false; var found = false;
for (var i = 0; i < docs.length; i++) { if ((docs[i].publicid == c.pid) && ((docs[i].extrakey == null) || (docs[i].extrakey === c.k))) { found = true; } } for (var i = 0; i < docs.length; i++) { if ((docs[i].publicid == c.pid) && ((docs[i].extrakey == null) || (docs[i].extrakey === c.k))) { found = true; } }
if (found == false) { render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 2, msgid: 12, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain)); return; } if (found == false) { render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 2, msgid: 12, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain)); return; }
// Get information about this node // Get information about this node
obj.db.Get(c.nid, function (err, nodes) { obj.db.Get(c.nid, function (err, nodes) {
@ -4196,7 +4196,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
var node = nodes[0]; var node = nodes[0];
// Check the start time, not yet valid message. // Check the start time, not yet valid message.
if ((c.start != null) && (c.expire != null) && ((c.start > Date.now()) || (c.start > c.expire))) { render(req, res, getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 2, msgid: 11, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain)); return; } if ((c.start != null) && (c.expire != null) && ((c.start > Date.now()) || (c.start > c.expire))) { render(req, res, getRenderPage((domain.sitestyle >= 2) ? 'message2' : 'message', req, domain), getRenderArgs({ titleid: 2, msgid: 11, domainurl: encodeURIComponent(domain.url).replace(/'/g, '%27') }, req, domain)); return; }
// If this is a web relay share, check if this feature is active // If this is a web relay share, check if this feature is active
if ((c.p == 8) || (c.p == 16)) { if ((c.p == 8) || (c.p == 16)) {
@ -7213,7 +7213,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
if ((domain.loginkey != null) && (domain.loginkey.indexOf(req.query.key) == -1)) { res.sendStatus(404); return; } // Check 3FA URL if ((domain.loginkey != null) && (domain.loginkey.indexOf(req.query.key) == -1)) { res.sendStatus(404); return; } // Check 3FA URL
const cspNonce = obj.crypto.randomBytes(15).toString('base64'); const cspNonce = obj.crypto.randomBytes(15).toString('base64');
res.set({ 'Content-Security-Policy': "default-src 'none'; script-src 'self' 'nonce-" + cspNonce + "'; img-src 'self'; style-src 'self' 'nonce-" + cspNonce + "';" }); // This page supports very tight CSP policy res.set({ 'Content-Security-Policy': "default-src 'none'; script-src 'self' 'nonce-" + cspNonce + "'; img-src 'self'; style-src 'self' 'nonce-" + cspNonce + "';" }); // This page supports very tight CSP policy
res.status(404).render(getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'error4042' : 'error404', req, domain), getRenderArgs({ cspNonce: cspNonce }, req, domain)); res.status(404).render(getRenderPage((domain.sitestyle >= 2) ? 'error4042' : 'error404', req, domain), getRenderArgs({ cspNonce: cspNonce }, req, domain));
}); });
} }
@ -7236,7 +7236,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
if (obj.args.nice404 == false) { res.sendStatus(404); return; } if (obj.args.nice404 == false) { res.sendStatus(404); return; }
const cspNonce = obj.crypto.randomBytes(15).toString('base64'); const cspNonce = obj.crypto.randomBytes(15).toString('base64');
res.set({ 'Content-Security-Policy': "default-src 'none'; script-src 'self' 'nonce-" + cspNonce + "'; img-src 'self'; style-src 'self' 'nonce-" + cspNonce + "';" }); // This page supports very tight CSP policy res.set({ 'Content-Security-Policy': "default-src 'none'; script-src 'self' 'nonce-" + cspNonce + "'; img-src 'self'; style-src 'self' 'nonce-" + cspNonce + "';" }); // This page supports very tight CSP policy
res.status(404).render(getRenderPage((domain.sitestyle == 2 || domain.sitestyle == 3) ? 'error4042' : 'error404', req, domain), getRenderArgs({ cspNonce: cspNonce }, req, domain)); res.status(404).render(getRenderPage((domain.sitestyle >= 2) ? 'error4042' : 'error404', req, domain), getRenderArgs({ cspNonce: cspNonce }, req, domain));
} }
// Auth strategy flags // Auth strategy flags
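Review bot: In the first hunk of this file, the "email already in use" guard `docs.find(function (u) { return (u._id === user._id); }) < 0` can never be true, because `find` returns the matching element or `undefined` rather than an index, and neither compares below zero. As written, the flow always reaches the "email verification success" branch, even when `GetUserWithVerifiedEmail` returns other accounts holding the same address. If the intent was "no returned record is this user", the condition would be `(docs.length > 0) && (docs.findIndex(function (u) { return (u._id === user._id); }) < 0)`. The line is unchanged context in this commit, and the enclosing handler starts and ends outside the hunk. Separately, the new `default3` condition reads `req.query.sitestyle` while the rest of that `render` call uses `dbGetFunc.req`; `dbGetFunc.req.query.sitestyle` would keep the call consistent.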