mirror of
https://github.com/mail-in-a-box/mailinabox.git
synced 2025-04-21 03:02:09 +00:00
8cea79de8b
pep8 (https://www.python.org/dev/peps/pep-0008/) is the commonly accepted and widely adopted code style convention for Python. I used pycodestyle (https://pycodestyle.readthedocs.io/en/latest/) to check for pep8 compatibility. Especially the mix of tabs and spaces in the Python files makes it hard to work with. I switched to spaces, because that's what pep8 expects and the majority of Python programmers use.
30 lines
885 B
Python
Executable File
30 lines
885 B
Python
Executable File
#!/usr/bin/python3
|
|
# Updates subresource integrity attributes in management/templates/index.html
|
|
# to prevent CDN-hosted resources from being used as an attack vector. Run this
|
|
# after updating the Bootstrap and jQuery <link> and <script> to compute the
|
|
# appropriate hash and insert it into the template.
|
|
|
|
import re
|
|
import urllib.request
|
|
import hashlib
|
|
import base64
|
|
|
|
fn = "management/templates/index.html"
|
|
|
|
with open(fn, 'r') as f:
|
|
content = f.read()
|
|
|
|
|
|
def make_integrity(url):
|
|
resource = urllib.request.urlopen(url).read()
|
|
return "sha256-" + base64.b64encode(hashlib.sha256(resource).digest()).decode('ascii')
|
|
|
|
|
|
content = re.sub(
|
|
r'<(link rel="stylesheet" href|script src)="(.*?)" integrity="(.*?)"',
|
|
lambda m: '<' + m.group(1) + '="' + m.group(2) + '" integrity="' + make_integrity(m.group(2)) + '"',
|
|
content)
|
|
|
|
with open(fn, 'w') as f:
|
|
f.write(content)
|