Relocate static images and tighten Content-Policy
authorFelix Dörre <felix@dogcraft.de>
Thu, 3 Jul 2014 19:31:01 +0000 (21:31 +0200)
committerFelix Dörre <felix@dogcraft.de>
Thu, 3 Jul 2014 19:31:01 +0000 (21:31 +0200)
src/org/cacert/gigi/Gigi.java
src/org/cacert/gigi/Gigi.templ
static/static/images/bit.png [new file with mode: 0644]
static/static/images/cacert4.png [new file with mode: 0644]
static/static/images/nlnet.png [new file with mode: 0644]
static/static/images/oan.png [new file with mode: 0644]
static/static/images/tunix.png [new file with mode: 0644]

index 4b6b382699702b775cd25dd3e390f85495772015..b6aa90ebd5386b26f3742d41e7090a10829a297b 100644 (file)
@@ -151,7 +151,7 @@ public class Gigi extends HttpServlet {
                hsr.addHeader("Access-Control-Max-Age", "60");
                hsr.addHeader("Content-Security-Policy", "default-src 'self' https://"
                                + ServerConstants.getStaticHostNamePort()
-                               + " https://www.cacert.org/*;frame-ancestors 'none'");
+                               + ";frame-ancestors 'none'");
                // ;report-uri https://felix.dogcraft.de/report.php
 
        }
index ae226ec25e387d4b3a1f304806485caa109f23dc..95d178605da8a11bc4025d90068bf59ca0bbe1ce 100644 (file)
@@ -10,7 +10,7 @@
                <div id="pageName">
                        <br>
                        <div id="pageLogo">
-                               <a href="/"><img src="https://www.cacert.org/images/cacert4.png"
+                               <a href="/"><img src="https://<?=$static?>/images/cacert4.png"
                                        alt="CAcert.org logo"></a>
                        </div>
                        <div id="googlead">
                <div class="sponsorinfo">
                        Der CAcert-Betrieb wird gesponsert von
                        <a href="http://www.bit.nl/" target="_blank">
-                               <img class="sponsorlogo" src="https://www.cacert.org/images/bit.png" alt="[BIT logo]">
+                               <img class="sponsorlogo" src="https://<?=$static?>/images/bit.png" alt="[BIT logo]">
                        </a>
                        <a href="http://www.tunix.nl/" target="_blank">
-                               <img class="sponsorlogo" src="https://www.cacert.org/images/tunix.png" alt="[TUNIX logo]">
+                               <img class="sponsorlogo" src="https://<?=$static?>/images/tunix.png" alt="[TUNIX logo]">
                        </a>
                        <a href="http://www.nlnet.nl/" target="_blank">
-                               <img class="sponsorlogo" src="https://www.cacert.org/images/nlnet.png" alt="[NLnet logo]">
+                               <img class="sponsorlogo" src="https://<?=$static?>/images/nlnet.png" alt="[NLnet logo]">
                        </a>
                        <a href="http://www.openarchitecturenetwork.org/" target="_blank">
-                               <img class="sponsorlogo" src="https://www.cacert.org/images/oan.png" alt="[OAN logo]">
+                               <img class="sponsorlogo" src="https://<?=$static?>/images/oan.png" alt="[OAN logo]">
                        </a>
                </div>
 
                <div id="siteInfo">
                        <a href="//wiki.cacert.org/FAQ/AboutUs">Über uns</a> |
                        <a href="/index.php?id=13">Spenden</a> |
-                       <a href="http://wiki.cacert.org/wiki/CAcertIncorporated">Vereins-Mitgliedschaft</a> |
+                       <a href="//wiki.cacert.org/wiki/CAcertIncorporated">Vereins-Mitgliedschaft</a> |
                        <a href="/policy/PrivacyPolicy.html">Datenschutzrichtlinien</a> |
                        <a href="/index.php?id=51">Unsere Ziele</a> |
                        <a href="/index.php?id=11">Kontakt</a> |
diff --git a/static/static/images/bit.png b/static/static/images/bit.png
new file mode 100644 (file)
index 0000000..5597e3b
Binary files /dev/null and b/static/static/images/bit.png differ
diff --git a/static/static/images/cacert4.png b/static/static/images/cacert4.png
new file mode 100644 (file)
index 0000000..e4650a0
Binary files /dev/null and b/static/static/images/cacert4.png differ
diff --git a/static/static/images/nlnet.png b/static/static/images/nlnet.png
new file mode 100644 (file)
index 0000000..c7e5c46
Binary files /dev/null and b/static/static/images/nlnet.png differ
diff --git a/static/static/images/oan.png b/static/static/images/oan.png
new file mode 100644 (file)
index 0000000..548bb12
Binary files /dev/null and b/static/static/images/oan.png differ
diff --git a/static/static/images/tunix.png b/static/static/images/tunix.png
new file mode 100644 (file)
index 0000000..29adb60
Binary files /dev/null and b/static/static/images/tunix.png differ