mirror of
https://github.com/Part-DB/Part-DB-server.git
synced 2026-03-04 14:29:35 +00:00
Compare commits
No commits in common. "db810445fbbfed0428f30f87c93cb146199a2a7a" and "5c4aa11b4b5a963fb01ff1cb315ff4bdda313819" have entirely different histories.
db810445fb
...
5c4aa11b4b
18 changed files with 82 additions and 204 deletions
|
|
@ -1,17 +0,0 @@
|
|||
# editorconfig.org
|
||||
|
||||
root = true
|
||||
|
||||
[*]
|
||||
charset = utf-8
|
||||
end_of_line = lf
|
||||
indent_size = 4
|
||||
indent_style = space
|
||||
insert_final_newline = true
|
||||
trim_trailing_whitespace = true
|
||||
|
||||
[{compose.yaml,compose.*.yaml}]
|
||||
indent_size = 2
|
||||
|
||||
[*.md]
|
||||
trim_trailing_whitespace = false
|
||||
8
.env
8
.env
|
|
@ -133,6 +133,9 @@ REDIRECT_TO_HTTPS=0
|
|||
# When this is empty the content of config/banner.md is used as banner
|
||||
BANNER=""
|
||||
|
||||
APP_ENV=prod
|
||||
APP_SECRET=a03498528f5a5fc089273ec9ae5b2849
|
||||
|
||||
# Set this to zero, if you want to disable the year 2038 bug check on 32-bit systems (it will cause errors with current 32-bit PHP versions)
|
||||
DISABLE_YEAR2038_BUG_CHECK=0
|
||||
|
||||
|
|
@ -150,8 +153,3 @@ LOCK_DSN=flock
|
|||
###> nelmio/cors-bundle ###
|
||||
CORS_ALLOW_ORIGIN='^https?://(localhost|127\.0\.0\.1)(:[0-9]+)?$'
|
||||
###< nelmio/cors-bundle ###
|
||||
|
||||
###> symfony/framework-bundle ###
|
||||
APP_ENV=prod
|
||||
APP_SECRET=
|
||||
###< symfony/framework-bundle ###
|
||||
|
|
|
|||
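Review bot: The tracked `.env` on the new side carries a fixed `APP_SECRET=a03498528f5a5fc089273ec9ae5b2849` next to `APP_ENV=prod` (first hunk, near line 133), and the second hunk appears to drop the recipe block that left `APP_SECRET=` empty. The +/- markers are not rendered, so which lines were added is inferred from the hunk line counts. The framework config on this page reads the value through `secret: '%env(APP_SECRET)%'`, so an installation that does not override the variable runs in production with a value anyone can read from the repository. I would keep the committed default empty, `APP_SECRET=`, with a comment such as `# Set a unique random value in .env.local or the server environment`. The committed value should be treated as disclosed and replaced wherever it is still in use.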
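--- a/.env.dev
+++ b/.env.dev
@@ -1,4 +0,0 @@
-
-###> symfony/framework-bundle ###
-APP_SECRET=318b5d659e07a0b3f96d9b3a83b254ca
-###< symfony/framework-bundle ###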
|
|
@ -1,79 +0,0 @@
|
|||
const nameCheck = /^[-_a-zA-Z0-9]{4,22}$/;
|
||||
const tokenCheck = /^[-_/+a-zA-Z0-9]{24,}$/;
|
||||
|
||||
// Generate and double-submit a CSRF token in a form field and a cookie, as defined by Symfony's SameOriginCsrfTokenManager
|
||||
document.addEventListener('submit', function (event) {
|
||||
generateCsrfToken(event.target);
|
||||
}, true);
|
||||
|
||||
// When @hotwired/turbo handles form submissions, send the CSRF token in a header in addition to a cookie
|
||||
// The `framework.csrf_protection.check_header` config option needs to be enabled for the header to be checked
|
||||
document.addEventListener('turbo:submit-start', function (event) {
|
||||
const h = generateCsrfHeaders(event.detail.formSubmission.formElement);
|
||||
Object.keys(h).map(function (k) {
|
||||
event.detail.formSubmission.fetchRequest.headers[k] = h[k];
|
||||
});
|
||||
});
|
||||
|
||||
// When @hotwired/turbo handles form submissions, remove the CSRF cookie once a form has been submitted
|
||||
document.addEventListener('turbo:submit-end', function (event) {
|
||||
removeCsrfToken(event.detail.formSubmission.formElement);
|
||||
});
|
||||
|
||||
export function generateCsrfToken (formElement) {
|
||||
const csrfField = formElement.querySelector('input[data-controller="csrf-protection"], input[name="_csrf_token"]');
|
||||
|
||||
if (!csrfField) {
|
||||
return;
|
||||
}
|
||||
|
||||
let csrfCookie = csrfField.getAttribute('data-csrf-protection-cookie-value');
|
||||
let csrfToken = csrfField.value;
|
||||
|
||||
if (!csrfCookie && nameCheck.test(csrfToken)) {
|
||||
csrfField.setAttribute('data-csrf-protection-cookie-value', csrfCookie = csrfToken);
|
||||
csrfField.defaultValue = csrfToken = btoa(String.fromCharCode.apply(null, (window.crypto || window.msCrypto).getRandomValues(new Uint8Array(18))));
|
||||
csrfField.dispatchEvent(new Event('change', { bubbles: true }));
|
||||
}
|
||||
|
||||
if (csrfCookie && tokenCheck.test(csrfToken)) {
|
||||
const cookie = csrfCookie + '_' + csrfToken + '=' + csrfCookie + '; path=/; samesite=strict';
|
||||
document.cookie = window.location.protocol === 'https:' ? '__Host-' + cookie + '; secure' : cookie;
|
||||
}
|
||||
}
|
||||
|
||||
export function generateCsrfHeaders (formElement) {
|
||||
const headers = {};
|
||||
const csrfField = formElement.querySelector('input[data-controller="csrf-protection"], input[name="_csrf_token"]');
|
||||
|
||||
if (!csrfField) {
|
||||
return headers;
|
||||
}
|
||||
|
||||
const csrfCookie = csrfField.getAttribute('data-csrf-protection-cookie-value');
|
||||
|
||||
if (tokenCheck.test(csrfField.value) && nameCheck.test(csrfCookie)) {
|
||||
headers[csrfCookie] = csrfField.value;
|
||||
}
|
||||
|
||||
return headers;
|
||||
}
|
||||
|
||||
export function removeCsrfToken (formElement) {
|
||||
const csrfField = formElement.querySelector('input[data-controller="csrf-protection"], input[name="_csrf_token"]');
|
||||
|
||||
if (!csrfField) {
|
||||
return;
|
||||
}
|
||||
|
||||
const csrfCookie = csrfField.getAttribute('data-csrf-protection-cookie-value');
|
||||
|
||||
if (tokenCheck.test(csrfField.value) && nameCheck.test(csrfCookie)) {
|
||||
const cookie = csrfCookie + '_' + csrfField.value + '=0; path=/; samesite=strict; max-age=0';
|
||||
|
||||
document.cookie = window.location.protocol === 'https:' ? '__Host-' + cookie + '; secure' : cookie;
|
||||
}
|
||||
}
|
||||
|
||||
/* stimulusFetch: 'lazy' */
|
||||
export default 'csrf-protection-controller';
|
||||
|
|
@ -1,12 +0,0 @@
|
|||
# Enable stateless CSRF protection for forms and logins/logouts
|
||||
framework:
|
||||
form:
|
||||
csrf_protection:
|
||||
token_id: submit
|
||||
|
||||
csrf_protection:
|
||||
check_header: true
|
||||
stateless_token_ids:
|
||||
- submit
|
||||
- authenticate
|
||||
- logout
|
||||
|
|
@ -1,6 +1,9 @@
|
|||
# see https://symfony.com/doc/current/reference/configuration/framework.html
|
||||
framework:
|
||||
secret: '%env(APP_SECRET)%'
|
||||
csrf_protection: true
|
||||
annotations: false
|
||||
handle_all_throwables: true
|
||||
|
||||
# We set this header by ourselves, so we can disable it here
|
||||
disallow_search_engine_index: false
|
||||
|
|
@ -27,6 +30,8 @@ framework:
|
|||
|
||||
#esi: true
|
||||
#fragments: true
|
||||
php_errors:
|
||||
log: true
|
||||
|
||||
when@test:
|
||||
framework:
|
||||
|
|
|
|||
|
|
@ -1,3 +0,0 @@
|
|||
framework:
|
||||
property_info:
|
||||
with_constructor_extractor: true
|
||||
|
|
@ -1,5 +1,7 @@
|
|||
framework:
|
||||
router:
|
||||
utf8: true
|
||||
|
||||
# Configure how to generate URLs in non-HTTP contexts, such as CLI commands.
|
||||
# See https://symfony.com/doc/current/routing.html#generating-urls-in-commands
|
||||
default_uri: '%env(DEFAULT_URI)%'
|
||||
|
|
|
|||
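--- a/config/packages/uid.yaml
+++ b/config/packages/uid.yaml
@@ -0,0 +1,4 @@
+framework:
+uid:
+default_uuid_version: 7
+time_based_uuid_version: 7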
|
|
@ -1,5 +1,7 @@
|
|||
framework:
|
||||
validation:
|
||||
email_validation_mode: html5
|
||||
|
||||
# Enables validator auto-mapping support.
|
||||
# For instance, basic validation constraints will be inferred from Doctrine's metadata.
|
||||
#auto_mapping:
|
||||
|
|
|
|||
|
|
@ -1,13 +1,17 @@
|
|||
when@dev:
|
||||
web_profiler:
|
||||
toolbar: true
|
||||
intercept_redirects: false
|
||||
|
||||
framework:
|
||||
profiler:
|
||||
only_exceptions: false
|
||||
collect_serializer_data: true
|
||||
|
||||
when@test:
|
||||
web_profiler:
|
||||
toolbar: false
|
||||
intercept_redirects: false
|
||||
|
||||
framework:
|
||||
profiler:
|
||||
collect: false
|
||||
collect_serializer_data: true
|
||||
profiler: { collect: false }
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
when@dev:
|
||||
_errors:
|
||||
resource: '@FrameworkBundle/Resources/config/routing/errors.php'
|
||||
resource: '@FrameworkBundle/Resources/config/routing/errors.xml'
|
||||
prefix: /_error
|
||||
|
|
|
|||
|
|
@ -1,8 +1,8 @@
|
|||
when@dev:
|
||||
web_profiler_wdt:
|
||||
resource: '@WebProfilerBundle/Resources/config/routing/wdt.php'
|
||||
resource: '@WebProfilerBundle/Resources/config/routing/wdt.xml'
|
||||
prefix: /_wdt
|
||||
|
||||
web_profiler_profiler:
|
||||
resource: '@WebProfilerBundle/Resources/config/routing/profiler.php'
|
||||
resource: '@WebProfilerBundle/Resources/config/routing/profiler.xml'
|
||||
prefix: /_profiler
|
||||
|
|
|
|||
|
|
@ -29,6 +29,10 @@ services:
|
|||
# this creates a service per class whose id is the fully-qualified class name
|
||||
App\:
|
||||
resource: '../src/'
|
||||
exclude:
|
||||
- '../src/DependencyInjection/'
|
||||
- '../src/Entity/'
|
||||
- '../src/Kernel.php'
|
||||
|
||||
# controllers are imported separately to make sure services can be injected
|
||||
# as action arguments even if you don't extend any base controller class
|
||||
|
|
|
|||
|
|
@ -86,7 +86,7 @@ DirectoryIndex index.php
|
|||
# - use Apache >= 2.3.9 and replace all L flags by END flags and remove the
|
||||
# following RewriteCond (best solution)
|
||||
RewriteCond %{ENV:REDIRECT_STATUS} =""
|
||||
RewriteRule ^index\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=308,L]
|
||||
RewriteRule ^index\.php(?:/(.*)|$) %{ENV:BASE}/$1 [R=301,L]
|
||||
|
||||
# If the requested filename exists, simply serve it.
|
||||
# We only want to let Apache serve files and not directories.
|
||||
|
|
|
|||
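Review bot: The canonical-URL redirect `RewriteRule ^index\.php(?:/(.*)|$) %{ENV:BASE}/$1` is shown with both `[R=308,L]` and `[R=301,L]`, and if the second printed line is the new side, the redirect loses method preservation. That reading is inferred from print order only, because the +/- markers are not rendered and the 7/7 line counts do not decide it. With 301, clients may replay a POST to an `index.php/...` URL as a GET without its body, whereas 308 keeps both the method and the body. I would keep `[R=308,L]` unless a client that does not understand 308 has to be supported, and state that reason in a comment above the rule.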
116
symfony.lock
116
symfony.lock
|
|
@ -1,11 +1,11 @@
|
|||
{
|
||||
"api-platform/core": {
|
||||
"version": "3.4",
|
||||
"version": "3.2",
|
||||
"recipe": {
|
||||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "main",
|
||||
"version": "3.3",
|
||||
"ref": "74b45ac570c57eb1fbe56c984091a9ff87e18bab"
|
||||
"version": "3.2",
|
||||
"ref": "696d44adc3c0d4f5d25a2f1c4f3700dd8a5c6db9"
|
||||
},
|
||||
"files": [
|
||||
"config/packages/api_platform.yaml",
|
||||
|
|
@ -314,12 +314,12 @@
|
|||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "main",
|
||||
"version": "9.6",
|
||||
"ref": "6a9341aa97d441627f8bd424ae85dc04c944f8b4"
|
||||
"ref": "7364a21d87e658eb363c5020c072ecfdc12e2326"
|
||||
},
|
||||
"files": [
|
||||
".env.test",
|
||||
"phpunit.xml.dist",
|
||||
"tests/bootstrap.php"
|
||||
"./.env.test",
|
||||
"./phpunit.xml.dist",
|
||||
"./tests/bootstrap.php"
|
||||
]
|
||||
},
|
||||
"psr/cache": {
|
||||
|
|
@ -389,10 +389,10 @@
|
|||
"repo": "github.com/symfony/recipes-contrib",
|
||||
"branch": "main",
|
||||
"version": "1.0",
|
||||
"ref": "5d454ec6cc4c700ed3d963f3803e1d427d9669fb"
|
||||
"ref": "0f18b4decdf5695d692c1d0dfd65516a07a6adf1"
|
||||
},
|
||||
"files": [
|
||||
"public/.htaccess"
|
||||
"./public/.htaccess"
|
||||
]
|
||||
},
|
||||
"symfony/asset": {
|
||||
|
|
@ -484,27 +484,17 @@
|
|||
]
|
||||
},
|
||||
"symfony/form": {
|
||||
"version": "7.3",
|
||||
"recipe": {
|
||||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "main",
|
||||
"version": "7.2",
|
||||
"ref": "7d86a6723f4a623f59e2bf966b6aad2fc461d36b"
|
||||
},
|
||||
"files": [
|
||||
"./config/packages/csrf.yaml"
|
||||
]
|
||||
"version": "v4.2.3"
|
||||
},
|
||||
"symfony/framework-bundle": {
|
||||
"version": "7.3",
|
||||
"version": "6.4",
|
||||
"recipe": {
|
||||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "main",
|
||||
"version": "7.3",
|
||||
"ref": "5a1497d539f691b96afd45ae397ce5fe30beb4b9"
|
||||
"version": "6.4",
|
||||
"ref": "a91c965766ad3ff2ae15981801643330eb42b6a5"
|
||||
},
|
||||
"files": [
|
||||
".editorconfig",
|
||||
"config/packages/cache.yaml",
|
||||
"config/packages/framework.yaml",
|
||||
"config/preload.php",
|
||||
|
|
@ -531,15 +521,15 @@
|
|||
"version": "v4.2.3"
|
||||
},
|
||||
"symfony/mailer": {
|
||||
"version": "7.3",
|
||||
"version": "6.4",
|
||||
"recipe": {
|
||||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "main",
|
||||
"version": "4.3",
|
||||
"ref": "09051cfde49476e3c12cd3a0e44289ace1c75a4f"
|
||||
"ref": "df66ee1f226c46f01e85c29c2f7acce0596ba35a"
|
||||
},
|
||||
"files": [
|
||||
"config/packages/mailer.yaml"
|
||||
"./config/packages/mailer.yaml"
|
||||
]
|
||||
},
|
||||
"symfony/maker-bundle": {
|
||||
|
|
@ -618,24 +608,15 @@
|
|||
"version": "v4.2.3"
|
||||
},
|
||||
"symfony/property-info": {
|
||||
"version": "7.3",
|
||||
"recipe": {
|
||||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "main",
|
||||
"version": "7.3",
|
||||
"ref": "dae70df71978ae9226ae915ffd5fad817f5ca1f7"
|
||||
},
|
||||
"files": [
|
||||
"./config/packages/property_info.yaml"
|
||||
]
|
||||
"version": "v4.2.3"
|
||||
},
|
||||
"symfony/routing": {
|
||||
"version": "7.3",
|
||||
"version": "6.2",
|
||||
"recipe": {
|
||||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "main",
|
||||
"version": "7.0",
|
||||
"ref": "21b72649d5622d8f7da329ffb5afb232a023619d"
|
||||
"version": "6.2",
|
||||
"ref": "e0a11b4ccb8c9e70b574ff5ad3dfdcd41dec5aa6"
|
||||
},
|
||||
"files": [
|
||||
"config/packages/routing.yaml",
|
||||
|
|
@ -674,18 +655,17 @@
|
|||
"version": "v1.1.5"
|
||||
},
|
||||
"symfony/stimulus-bundle": {
|
||||
"version": "2.27",
|
||||
"version": "2.16",
|
||||
"recipe": {
|
||||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "main",
|
||||
"version": "2.20",
|
||||
"ref": "e058471c5502e549c1404ebdd510099107bb5549"
|
||||
"version": "2.13",
|
||||
"ref": "6acd9ff4f7fd5626d2962109bd4ebab351d43c43"
|
||||
},
|
||||
"files": [
|
||||
"assets/bootstrap.js",
|
||||
"assets/controllers.json",
|
||||
"assets/controllers/csrf_protection_controller.js",
|
||||
"assets/controllers/hello_controller.js"
|
||||
"./assets/bootstrap.js",
|
||||
"./assets/controllers.json",
|
||||
"./assets/controllers/hello_controller.js"
|
||||
]
|
||||
},
|
||||
"symfony/stopwatch": {
|
||||
|
|
@ -695,16 +675,16 @@
|
|||
"version": "v5.1.0"
|
||||
},
|
||||
"symfony/translation": {
|
||||
"version": "7.3",
|
||||
"version": "6.4",
|
||||
"recipe": {
|
||||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "main",
|
||||
"version": "6.3",
|
||||
"ref": "620a1b84865ceb2ba304c8f8bf2a185fbf32a843"
|
||||
"ref": "e28e27f53663cc34f0be2837aba18e3a1bef8e7b"
|
||||
},
|
||||
"files": [
|
||||
"config/packages/translation.yaml",
|
||||
"translations/.gitignore"
|
||||
"./config/packages/translation.yaml",
|
||||
"./translations/.gitignore"
|
||||
]
|
||||
},
|
||||
"symfony/translation-contracts": {
|
||||
|
|
@ -727,14 +707,16 @@
|
|||
]
|
||||
},
|
||||
"symfony/uid": {
|
||||
"version": "7.3",
|
||||
"version": "6.2",
|
||||
"recipe": {
|
||||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "main",
|
||||
"version": "7.0",
|
||||
"ref": "0df5844274d871b37fc3816c57a768ffc60a43a5"
|
||||
"version": "6.2",
|
||||
"ref": "d294ad4add3e15d7eb1bae0221588ca89b38e558"
|
||||
},
|
||||
"files": []
|
||||
"files": [
|
||||
"./config/packages/uid.yaml"
|
||||
]
|
||||
},
|
||||
"symfony/ux-translator": {
|
||||
"version": "2.9",
|
||||
|
|
@ -752,21 +734,15 @@
|
|||
]
|
||||
},
|
||||
"symfony/ux-turbo": {
|
||||
"version": "2.27",
|
||||
"recipe": {
|
||||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "main",
|
||||
"version": "2.20",
|
||||
"ref": "e4b951d7de760751e170c6d2e3b565cf9ed5182f"
|
||||
}
|
||||
"version": "v2.16.0"
|
||||
},
|
||||
"symfony/validator": {
|
||||
"version": "7.3",
|
||||
"version": "5.4",
|
||||
"recipe": {
|
||||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "main",
|
||||
"version": "7.0",
|
||||
"ref": "8c1c4e28d26a124b0bb273f537ca8ce443472bfd"
|
||||
"branch": "master",
|
||||
"version": "5.3",
|
||||
"ref": "c32cfd98f714894c4f128bb99aa2530c1227603c"
|
||||
},
|
||||
"files": [
|
||||
"config/packages/validator.yaml"
|
||||
|
|
@ -782,12 +758,12 @@
|
|||
"version": "v4.2.3"
|
||||
},
|
||||
"symfony/web-profiler-bundle": {
|
||||
"version": "7.3",
|
||||
"version": "6.3",
|
||||
"recipe": {
|
||||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "main",
|
||||
"version": "7.3",
|
||||
"ref": "a363460c1b0b4a4d0242f2ce1a843ca0f6ac9026"
|
||||
"version": "6.1",
|
||||
"ref": "e42b3f0177df239add25373083a564e5ead4e13a"
|
||||
},
|
||||
"files": [
|
||||
"config/packages/web_profiler.yaml",
|
||||
|
|
@ -795,12 +771,12 @@
|
|||
]
|
||||
},
|
||||
"symfony/webpack-encore-bundle": {
|
||||
"version": "2.2",
|
||||
"version": "2.1",
|
||||
"recipe": {
|
||||
"repo": "github.com/symfony/recipes",
|
||||
"branch": "main",
|
||||
"version": "2.0",
|
||||
"ref": "9ef5412a4a2a8415aca3a3f2b4edd3866aab9a19"
|
||||
"ref": "082d754b3bd54b3fc669f278f1eea955cfd23cf5"
|
||||
},
|
||||
"files": [
|
||||
"assets/app.js",
|
||||
|
|
|
|||
|
|
@ -4,8 +4,9 @@ declare(strict_types=1);
|
|||
|
||||
use Symfony\Component\Dotenv\Dotenv;
|
||||
require dirname(__DIR__).'/vendor/autoload.php';
|
||||
|
||||
if (method_exists(Dotenv::class, 'bootEnv')) {
|
||||
if (file_exists(dirname(__DIR__).'/config/bootstrap.php')) {
|
||||
require dirname(__DIR__).'/config/bootstrap.php';
|
||||
} elseif (method_exists(Dotenv::class, 'bootEnv')) {
|
||||
(new Dotenv())->bootEnv(dirname(__DIR__).'/.env');
|
||||
}
|
||||
if ($_SERVER['APP_DEBUG']) {
|
||||
|
|
|
|||
|
|
@ -86,10 +86,7 @@ Encore
|
|||
* https://symfony.com/doc/current/frontend.html#adding-more-features
|
||||
*/
|
||||
.cleanupOutputBeforeBuild()
|
||||
|
||||
// Displays build status system notifications to the user
|
||||
// .enableBuildNotifications()
|
||||
|
||||
.enableBuildNotifications()
|
||||
.enableSourceMaps(!Encore.isProduction())
|
||||
// enables hashed filenames (e.g. app.abc123.css)
|
||||
//.enableVersioning(Encore.isProduction())
|
||||
|
|
@ -105,7 +102,7 @@ Encore
|
|||
// enables and configure @babel/preset-env polyfills
|
||||
.configureBabelPresetEnv((config) => {
|
||||
config.useBuiltIns = 'usage';
|
||||
config.corejs = '3.38';
|
||||
config.corejs = '3.23';
|
||||
})
|
||||
// enables Sass/SCSS support
|
||||
//.enableSassLoader()
|
||||
|
|
|
|||
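Review bot: `.enableBuildNotifications()` is called unconditionally in the first hunk, where the other side had it commented out. The 10-to-7 line counts in the hunk header fit this reading, though the +/- markers are not rendered. Encore needs the optional `webpack-notifier` package for this call, so a production or CI build installed without dev dependencies can fail on it; `package.json` is not on this page, so check that the package is listed. Gating the call keeps desktop notifications for local work only: `.enableBuildNotifications(!Encore.isProduction())`. The Encore call chain starts and ends outside both hunks.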