kytv/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Console: Remove onload and unsafe CSP on iframed pages

Browse Source
This commit is contained in:
zzz
2020-05-11 18:04:19 +00:00
parent 8631db8769
commit 2cd2f25c56
5 changed files with 24 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
apps/routerconsole/jsp/torrents.jsp
View File

@@ -24,22 +24,23 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head>
<%@include file="css.jsi" %>
<%@include file="csp-unsafe.jsi" %>
<%=intl.title("torrents")%>
<script src="/js/iframed.js?<%=net.i2p.CoreVersion.VERSION%>" type="text/javascript"></script>
<%@include file="summaryajax.jsi" %>
<script nonce="<%=cspNonce%>" type="text/javascript">
function setupFrame() {
f = document.getElementById("i2psnarkframe");
injectClass(f);
resizeFrame(f);
f.addEventListener("load", function() {
injectClass(f);
resizeFrame(f);
}, true);
}
</script>
</head><body>
<%@include file="summary.jsi" %>
<h1><%=intl._t("I2P Torrent Manager")%> <span class="newtab"><a href="/i2psnark/" target="_blank" title="<%=intl._t("Open in new tab")%>"><img src="<%=intl.getTheme(request.getHeader("User-Agent"))%>images/newtab.png" /></a></span></h1>
<div class="main" id="torrents">
<iframe src="/i2psnark/" width="100%" height="100%" frameborder="0" border="0" name="i2psnarkframe" id="i2psnarkframe" onload="setupFrame()" allowtransparency="true">
<iframe src="/i2psnark/" width="100%" height="100%" frameborder="0" border="0" name="i2psnarkframe" id="i2psnarkframe" allowtransparency="true">
<%=intl._t("Your browser does not support iFrames.")%>
&nbsp;<a href="/i2psnark/"><%=intl._t("Click here to continue.")%></a>
</iframe>