Conditionally allow Gerrit to load in IFrame

Introduce new configuration option (gerrit.canLoadInIFrame) to allow loading Gerrit in IFrame. By default it is set to 'false' to keep current behavior. Change-Id: Ie13b6141a9dfb8a18348fc778fb5f6083f95bd14 Signed-off-by: Dariusz Luksza <dariusz@luksza.org>
2014-04-03 17:05:47 +02:00
parent c282d7b282
commit 7a046da6f5
4 changed files with 18 additions and 1 deletions
--- a/Documentation/config-gerrit.txt
+++ b/Documentation/config-gerrit.txt
@@ -1913,6 +1913,13 @@ file containing the class must be placed in the `$site_path/lib` folder.
 +
 If not specified, the default no-op implementation is used.

+[[gerrit.canLoadInIFrame]]gerrit.canLoadInIFrame::
+
+For security reasons Gerrit will always jump out of iframe.
+Setting this option to true will prevent this behavior.
+
+By default false.
+
 [[gitweb]]
 === Section gitweb

--- a/gerrit-common/src/main/java/com/google/gerrit/common/data/HostPageData.java
+++ b/gerrit-common/src/main/java/com/google/gerrit/common/data/HostPageData.java
@@ -40,6 +40,7 @@ public class HostPageData {
  public List<Message> messages;
  public Integer pluginsLoadTimeout;
  public boolean isNoteDbEnabled;
+  public boolean canLoadInIFrame;

  public static class Theme {
    public String backgroundColor;
--- a/gerrit-gwtui/src/main/java/com/google/gerrit/client/Gerrit.java
+++ b/gerrit-gwtui/src/main/java/com/google/gerrit/client/Gerrit.java
@@ -405,7 +405,9 @@ public class Gerrit implements EntryPoint {

  @Override
  public void onModuleLoad() {
-    UserAgent.assertNotInIFrame();
+    if (!canLoadInIFrame()) {
+      UserAgent.assertNotInIFrame();
+    }
    setXsrfToken();

    KeyUtil.setEncoderImpl(new KeyUtil.Encoder() {
@@ -507,6 +509,10 @@ public class Gerrit implements EntryPoint {
    }));
  }

+  private native boolean canLoadInIFrame() /*-{
+    return $wnd.gerrit_hostpagedata.canLoadInIFrame || false;
+  }-*/;
+
  private static void initHostname() {
    myHost = Location.getHostName();
    final int d1 = myHost.indexOf('.');
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/raw/HostPageServlet.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/raw/HostPageServlet.java
@@ -90,6 +90,7 @@ public class HostPageServlet extends HttpServlet {
  private final SiteStaticDirectoryServlet staticServlet;
  private final boolean isNoteDbEnabled;
  private final Integer pluginsLoadTimeout;
+  private final boolean canLoadInIFrame;
  private final GetDiffPreferences getDiff;
  private volatile Page page;

@@ -116,6 +117,7 @@ public class HostPageServlet extends HttpServlet {
    staticServlet = ss;
    isNoteDbEnabled = migration.readChanges();
    pluginsLoadTimeout = getPluginsLoadTimeout(cfg);
+    canLoadInIFrame = cfg.getBoolean("gerrit", "canLoadInIFrame", false);
    getDiff = diffPref;

    String pageName = "HostPage.html";
@@ -322,6 +324,7 @@ public class HostPageServlet extends HttpServlet {
      pageData.version = Version.getVersion();
      pageData.isNoteDbEnabled = isNoteDbEnabled;
      pageData.pluginsLoadTimeout = pluginsLoadTimeout;
+      pageData.canLoadInIFrame = canLoadInIFrame;

      StringWriter w = new StringWriter();
      w.write("var " + HPD_ID + "=");