Commit 945d309c authored by Dominik Hebeler's avatar Dominik Hebeler
Browse files

testing csp verification

parent 19fae3d9
......@@ -31,6 +31,7 @@ class TruncateLogs extends Command
\storage_path("logs/metager/bv_fail.csv"),
\storage_path("logs/metager/captcha_show.csv"),
\storage_path("logs/metager/captcha_solve.csv"),
\storage_path("logs/metager/csp_fail.csv"),
];
foreach ($log_files as $log_file) {
if (\file_exists($log_file) && \is_writable($log_file)) {
......
......@@ -293,6 +293,11 @@ class HumanVerification extends Controller
$bvData = [];
}
$bvData["js_loaded"] = now();
if ($request->has("sp")) {
$bvData["csp"] = false;
} else {
$bvData["csp"] = true;
}
Cache::put($key, $bvData, now()->addSeconds(30));
......
......@@ -135,6 +135,9 @@ class BrowserVerification
$search_settings->bv_key = $key;
$search_settings->javascript_enabled = true;
}
if (\array_key_exists("csp", $bvData) && $bvData["csp"] === false) {
$this->logCSP();
}
return true;
}
usleep(10 * 1000);
......@@ -183,4 +186,21 @@ class BrowserVerification
fclose($fh);
}
}
public static function logCSP()
{
$request = request();
$log = [
now()->format("Y-m-d H:i:s"),
$request->input("eingabe"),
"ua=" . $_SERVER["AGENT"],
];
$file_path = \storage_path("logs/metager/csp_fail.csv");
$fh = fopen($file_path, "a");
try {
\fputcsv($fh, $log);
} finally {
fclose($fh);
}
}
}
......@@ -10,6 +10,9 @@ document.querySelectorAll("link").forEach(element => {
}
let key = matches[1];
let url = "/img/logo.png?id=" + key;
if (window.sp == 1) {
url += "&sp"
}
return fetch(url);
});
......
......@@ -2,5 +2,8 @@
<html lang="{!! trans('staticPages.meta.language') !!}">
<head>
<meta charset="UTF-8">
<script>
window.sp = 1;
</script>
<link rel="stylesheet" href="/index.css?id={{ $key }}">
<script src="{{ mix('js/index.js') }}"></script>
<script src="{{ mix('js/index.js') }}"></script>
\ No newline at end of file
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment