Conditionally allow Gerrit to load in IFrame
Introduce new configuration option (gerrit.canLoadInIFrame) to allow loading Gerrit in IFrame. By default it is set to 'false' to keep current behavior. Change-Id: Ie13b6141a9dfb8a18348fc778fb5f6083f95bd14 Signed-off-by: Dariusz Luksza <dariusz@luksza.org>
This commit is contained in:

committed by
Shawn Pearce

parent
c282d7b282
commit
7a046da6f5
@@ -1913,6 +1913,13 @@ file containing the class must be placed in the `$site_path/lib` folder.
|
||||
+
|
||||
If not specified, the default no-op implementation is used.
|
||||
|
||||
[[gerrit.canLoadInIFrame]]gerrit.canLoadInIFrame::
|
||||
+
|
||||
For security reasons Gerrit will always jump out of iframe.
|
||||
Setting this option to true will prevent this behavior.
|
||||
+
|
||||
By default false.
|
||||
|
||||
[[gitweb]]
|
||||
=== Section gitweb
|
||||
|
||||
|
@@ -40,6 +40,7 @@ public class HostPageData {
|
||||
public List<Message> messages;
|
||||
public Integer pluginsLoadTimeout;
|
||||
public boolean isNoteDbEnabled;
|
||||
public boolean canLoadInIFrame;
|
||||
|
||||
public static class Theme {
|
||||
public String backgroundColor;
|
||||
|
@@ -405,7 +405,9 @@ public class Gerrit implements EntryPoint {
|
||||
|
||||
@Override
|
||||
public void onModuleLoad() {
|
||||
UserAgent.assertNotInIFrame();
|
||||
if (!canLoadInIFrame()) {
|
||||
UserAgent.assertNotInIFrame();
|
||||
}
|
||||
setXsrfToken();
|
||||
|
||||
KeyUtil.setEncoderImpl(new KeyUtil.Encoder() {
|
||||
@@ -507,6 +509,10 @@ public class Gerrit implements EntryPoint {
|
||||
}));
|
||||
}
|
||||
|
||||
private native boolean canLoadInIFrame() /*-{
|
||||
return $wnd.gerrit_hostpagedata.canLoadInIFrame || false;
|
||||
}-*/;
|
||||
|
||||
private static void initHostname() {
|
||||
myHost = Location.getHostName();
|
||||
final int d1 = myHost.indexOf('.');
|
||||
|
@@ -90,6 +90,7 @@ public class HostPageServlet extends HttpServlet {
|
||||
private final SiteStaticDirectoryServlet staticServlet;
|
||||
private final boolean isNoteDbEnabled;
|
||||
private final Integer pluginsLoadTimeout;
|
||||
private final boolean canLoadInIFrame;
|
||||
private final GetDiffPreferences getDiff;
|
||||
private volatile Page page;
|
||||
|
||||
@@ -116,6 +117,7 @@ public class HostPageServlet extends HttpServlet {
|
||||
staticServlet = ss;
|
||||
isNoteDbEnabled = migration.readChanges();
|
||||
pluginsLoadTimeout = getPluginsLoadTimeout(cfg);
|
||||
canLoadInIFrame = cfg.getBoolean("gerrit", "canLoadInIFrame", false);
|
||||
getDiff = diffPref;
|
||||
|
||||
String pageName = "HostPage.html";
|
||||
@@ -322,6 +324,7 @@ public class HostPageServlet extends HttpServlet {
|
||||
pageData.version = Version.getVersion();
|
||||
pageData.isNoteDbEnabled = isNoteDbEnabled;
|
||||
pageData.pluginsLoadTimeout = pluginsLoadTimeout;
|
||||
pageData.canLoadInIFrame = canLoadInIFrame;
|
||||
|
||||
StringWriter w = new StringWriter();
|
||||
w.write("var " + HPD_ID + "=");
|
||||
|
Reference in New Issue
Block a user